0f4e69ac0ba94266f7a6e3c72d381489d21b4bfc56adbec6042ca430f547ceef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f4e69ac0ba94266f7a6e3c72d381489d21b4bfc56adbec6042ca430f547ceef
Size

75KB
MD5

0b1cb8ab504d5f5bb637712ca6375446
SHA1

4b4c8d755ca6d46e255533926a8a1ddf0f8a72d2
SHA256

0f4e69ac0ba94266f7a6e3c72d381489d21b4bfc56adbec6042ca430f547ceef
SHA512

650307549bedd3e51150111776a73cdac23990efccbbc8edc45f856828cfd2df77328795c8392c3c90a2260823e1abd87d6761f3d0f653c88d78580fd1708e59
SSDEEP

1536:zPsMYTYxzVxasj+uVZiyCzZNhR+gg/qcEjiTuR7J3pZdihSs0RjdN+xwkN:zVQEzV1BZilzZvR+D/ojmuRt3pZdhh1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USD Payment Confirmation.exe

Files

0f4e69ac0ba94266f7a6e3c72d381489d21b4bfc56adbec6042ca430f547ceef
.rar
USD Payment Confirmation.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ