payment[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

payment.7z
Size

354KB
MD5

7a7368839fee050263a9694c9ea5ff27
SHA1

cf9558a55cb8e112aa1d5a4f94e083d2a178a7dc
SHA256

8ece02b87b504eaf2f44886a8b451967c8975050961a5e3b0a61fdaea567f0ec
SHA512

ef08543355db36b32ffc42bc6bfe0321c7c6f85d61fe330752240e4f98d73afe9e266e20f24ad31b2241c12342cca1e0eedcf2ed2e6dfeed0cf9b0af6602ceb1
SSDEEP

6144:jy7KRlKBn8xLw2oM4W2wAgQ1vh21NCXfPEi8308kCscJofsPBIfOwMJ+:jUK1ZXKgmMYfPEhsLfsPHDJ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/payment.exe

Files

payment.7z
.7z .ps1
payment.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ