Static task
static1
Behavioral task
behavioral1
Sample
Payment Invoice.exe
Resource
win7-20230824-en
Behavioral task
behavioral2
Sample
Payment Invoice.exe
Resource
win10v2004-20230703-en
General
-
Target
0e3bcfa68092483cc3e298c0207a64b44b3d381957b583fba84972a8c8c3fcf7
-
Size
796KB
-
MD5
ac50b9e77b749c0566e94a4a95671272
-
SHA1
7385bd57cd41e57fc28a19837bc21bfbe95a2878
-
SHA256
0e3bcfa68092483cc3e298c0207a64b44b3d381957b583fba84972a8c8c3fcf7
-
SHA512
4f1742b13e1238e3af61e2a71bf91be9b016b63bd38ed004778c3a2555e9f6decaf1480c126fe02e1015c30824fd4eced27754283e2329312ed1f468d116c2a3
-
SSDEEP
24576:XzzHBZdVSNncBzhWsDuQ6nEh2fzbcq0LZLQUQg:XzzS6juPEyzbcRZLQU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Payment Invoice.exe
Files
-
0e3bcfa68092483cc3e298c0207a64b44b3d381957b583fba84972a8c8c3fcf7.rar
-
Payment Invoice.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 814KB - Virtual size: 814KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ