Static task: static1
Behavioral task: behavioral1
Sample: Order Details.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Order Details.exe
Resource: win10v2004-20240508-en
General
Target: 01072024_1117_30062024_Order Details.zip
Size: 480KB
MD5: bd0e58c36902edcf231dc4c534a0e2d0
SHA1: 00c9a156d6373e90d38871e1cc5be6680efd2eae
SHA256: 7c5f0fa282017c5a44d59e8835d577096f8277d02954b1d649397e3f11851fb3
SHA512: 1e336c98ba8227c31362ee4bd7dce96c27cee380437231647e2a0bb216b82a44c95cad4537bccf01b35d6590f969ed622f94823a8dbc68a2a94eb401091e3c43
SSDEEP: 12288:+CFjB/ZK+Fc3R1hfFJyqjAdnhaGOUfIG/41zy:+0BKJPJyThBbwG/4Fy
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes: resource unpack001/Order Details.exe
Files
01072024_1117_30062024_Order Details.zip.zip
Password: infected
Order Details.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ