Static task
static1
Behavioral task
behavioral1
Sample
new order.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
new order.exe
Resource
win10v2004-20240226-en
General
-
Target
new order.exe
-
Size
1.8MB
-
MD5
0c5a964f9cbf2fec077302e6baa7316f
-
SHA1
d0593ff771d4cf489903b807aa93f29f5a51f0b5
-
SHA256
dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d
-
SHA512
4947d5c0632be00af4ae33700eb85a82daea3f2e1a373b8e454a7103a6959e7f31b973c135ae498b3c70da1c12cdf3482bf43ad3abf92ce7af3f3a54d47a6817
-
SSDEEP
12288:g6R0Jt0zWWrUufKjFokZGX+KxITevb8OaAN:gi0Jt9W6FovBx3DV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource new order.exe
Files
-
new order.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ