PAYMENT COPY[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAYMENT COPY.exe
Size

618KB
MD5

9aeb260fe881bda509d3398ec57909ef
SHA1

59443b0839551bdd01d7ba7b71e889d5ebe3b1b1
SHA256

3520f6322123eacd232b1dd107d892e852aa8cfa79eaf4fc3fb9c5b23893c948
SHA512

621117b74035ece4059ac3e0fd044da3a9a41d1c0b313fba1754ce97c96ba2f2d39e26336a268944d9e3ecfbf0e9fc7a7e0f11933f40963fc84385d3dc95faa9
SSDEEP

12288:N5LbzIu9+r9wxQHYgbC6S9Fk40Ty39TCJ1lOUyilxfnBYBpxN/vAuPHU8:N5LA9OQ4Xhp5NTCzlOUyij/BYlZNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PAYMENT COPY.exe

Files

PAYMENT COPY.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ