Static task: static1

Behavioral task: behavioral1
Sample: RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.rar
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.rar
Resource: win10v2004-20230220-en

Behavioral task: behavioral3
Sample: RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.exe
Resource: win7-20230220-en
General
Target: RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.rar
Size: 1.2MB
MD5: 19e127c10ee33237b16a2b1437f823a9
SHA1: 8079af8944008a471b85fdad90223fd75af6ad82
SHA256: 9a50e8852c21875b333fa210d814be7f0acc096afab6d06cc438d1ace3f42993
SHA512: 2131ac1364fc845d8b1d9778b9a726b46d2891d5ee1e6c2d30452d95d864408c3e0661a3632ca4bc03c8862ac48c75b1b23e28e98c27bf9b99a39c736d8930a4
SSDEEP: 24576:XNE7RLlBTYck2eeXtvzz56RlryGy7oq9NKd6xpWG4WCZg4O2yWT0:XsRRBTzkbedz56RlqnNK4DWGMZ1fT0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.exe
Files
RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.rar.rar
RETENCIÓN 001-002-000006770 FACTURA ELECTRÓNICA POR PAGAR.exe.exe windows x86
Password: 095
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 496KB - Virtual size: 495KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ