General

  • Target

    Shipping documents 000293994900.exe

  • Size

    722KB

  • MD5

    c8d26f7208eaaa31a839ec190489c9a1

  • SHA1

    c9bc4695a4f4afdcc89d216b7ad8d0ce4d0bc7e3

  • SHA256

    f96b6c703fe5b13fd985d91da265c58d3d5b2f81397ebe27527e59c208819d2e

  • SHA512

    30983bc1f3b8fc96023d5b2773ab41ee1ced9718334d1cc50a24143a4d6ed04dfdc9400c9f401df20bc7dd05919a5936b3e7fb97c7504f804cd06210eee7f168

  • SSDEEP

    12288:8tvD9kg2V9Lki65FEdYjpTEl9msWkXfflWGwzc7MnWAdV/sPsrVawwDXZsBwRsOd:1XlP60dM4b1nlMGMnWAdV9wtsBShx

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Shipping documents 000293994900.exe
    .exe windows:4 windows x86 arch:x86

    e221f4f7d36469d53810a4b5f9fc8966


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


  • 660.jpg
    .jpg
  • Editere.ter
  • Gaberloonie.Pla73
  • Wodewose235.enc
  • dharma.txt
  • shears.sip