Confirmación de pago[.]tgz | Triage

Sharing

General

Target

Confirmación de pago.tgz
Size

1.3MB
MD5

0ceb2e152b06c428b7bd9c02f662f33d
SHA1

703d697cfb7187a417557cfa150659d0d0fb8b1c
SHA256

18c2294fcba0ff1a3a480a0fca8c5eee8b9681752f7ca912be7c503fd2263337
SHA512

c4c8f9e918aa0f057fe797d28b9bceab81dc318185f6fbae9d0ac8c3256b1f73125152b944ade848beffb96bc063dcce134f79333d117ce66a1308f82d22aca7
SSDEEP

12288:pJNHyrQMVlmreOQzZvjlpJY5HEw8aXSQ1x1ai8CpD2gX4B3CZYgSGBN8r9+SOUzo:3NScCl0e7VO1x0AagoUZYrwQUUzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Confirmación de pago.exe

Files

Confirmación de pago.tgz
.gz
sample
.tar
Confirmación de pago.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 744KB - Virtual size: 743KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ