payment invoice-pdf[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

payment invoice-pdf.gz
Size

656KB
MD5

2445746131d8a0f615f8ad2aa1b8118b
SHA1

9a5d409b7a60eb53f698dcf7c03abcc22b11fae4
SHA256

24771a24d9ec5150db1720a4eeb96b49165c5d8937e9a0b2e19df9eb87a3be3a
SHA512

eee8e45f148e21ae9d47557e4a05216a3d3850dda9bc224cf3bd7ef3e127d65d882d7306cdf0ada435e4483097b6a2737c33d054a41581325c3ffd35e58a2e2c
SSDEEP

12288:Tq89K3Hnf1ErEHyI5Gcz14ln7D2V4ojw2ocVoJEmBcS1Sajg:TqkK3/1Vb4VD04ojwayEOc/a0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/payment invoice.exe

Files

payment invoice-pdf.gz
.rar
payment invoice.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 743KB - Virtual size: 743KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ