Confirm Invoice (2)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Confirm Invoice (2).exe
Size

743KB
MD5

42574a2e7d5948e76bd5426ff7b2845b
SHA1

f41cb3e525d83fcefd0b9aee987fd771a326d0da
SHA256

b7a1f477403fe537f3a53d1c9a553a0c8fe37c78a0119888df0b2c4ec77dd5ee
SHA512

ca4ab7a34e2c065ae6e3a3d50bacd52c607387af4c7c00eefd801f0e5c393025a671a0407e7098c3c8c96c0fc5c22282755561926be95f3efff9f88f5d53e372
SSDEEP

12288:KzcgXtg7nKAtYCLGFaAXc8jUmb78/d0DmxGgFWhONG/mgrOBmIUhRcOJ5cZ:KzcrrbFLGp9Ub/d0dONdPYI5y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Confirm Invoice (2).exe

Files

Confirm Invoice (2).exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ