PAYMENT ADVICE[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAYMENT ADVICE.exe
Size

780KB
MD5

20a372760916a342fa132d0f53240da2
SHA1

6a5c8b6b2baa2dd1936f874dfd1366cebc51b913
SHA256

ebd95361bcf948797ece2e75a9c5e908e85be967b016656d42ffcaa3a5c6f29e
SHA512

a1f19bdad53d2375cbccc8f873a3088ef6d82bbfd7f8ed2bd15bf3a3e6bd6965a7fdf8f31c3cb325c231d13b97b93819ec61aa0b1512fdd07ef9b204190cc080
SSDEEP

6144:yFvQe+OlUENL72yM5Vxvb08rAERvKawaNNuw7TtvpF9lr06U2U0L10m9nZm:yH+Ty/iA8rAEZ/1p9P920Zh9Zm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PAYMENT ADVICE.exe

Files

PAYMENT ADVICE.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ