Static task: static1
Behavioral task: behavioral1
Sample: Payment receipt.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Payment receipt.exe
Resource: win10v2004-20230220-en
General
Target: Payment receipt.rar
Size: 695KB
MD5: df0f119491d6598ea1058c7f08881d0e
SHA1: 6508f9971f1306e532e6396757e1b6d0c517fc31
SHA256: 622771fb67708ab5585e708cee5cb16c45c23fe7f38f48026da96e5078121820
SHA512: c5413ec200bf22e912e86f028e9debdbe6dff48cef2703a9bba3d82ec850c3e7af580d0faa35dd72dcd4d2d872e62c602a638a5e2fcee536fe9de901f935fad5
SSDEEP: 12288:h/GrzB4zRNmxJ/HMFe8X5d5UEarAHr5Wjsl7c88N9xVxcqEn6vsqFvsieDdVJpE:h/GPujkstJdaVAHr59c8oYqE6vRvWE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Payment receipt.exe
Files
Payment receipt.rar.rar
Payment receipt.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 824KB - Virtual size: 824KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ