PAYMENT CONFIRMATION[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAYMENT CONFIRMATION.zip
Size

670KB
MD5

ba4ab7f9baae5a8aa26bc0dd1037e762
SHA1

8f70c1755fb5abe889fd86f36b6e298255f75615
SHA256

e0dd4b2728e8fdec97e24c2ee5ec3825967158b3b9089c0a08fbec65af801db2
SHA512

d553b83dd050a15b14d9227755ee34e876c1896f5b797ac84fa34e0a951cdf8db2672e88c63bba762464406edfa61a704ac3d531154010bad3af8ce8b933081e
SSDEEP

12288:NkMLG2zCpyfxEc1BkUNYpgHs1ybzdfUwaogF+XDNwr1PSp8CIV8/5ChWASg:NpGXA5cgEUdfUsk4BwrK/jng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PAYMENT CONFIRMATION.exe

Files

PAYMENT CONFIRMATION.zip
.zip
PAYMENT CONFIRMATION.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 742KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ