Payment-Cop[y[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Payment-Cop[y.rar
Size

629KB
MD5

1e0422fa95fb9e6efdb4f6aeb37a73d1
SHA1

77309df065eaec44ea34ad25d711fabba4aeb20d
SHA256

0e2c4aa4af72f900ce4fb8885e5ee80edc133b10704d1a2d11577bc8e8a7834f
SHA512

cff4e50c455ba20c3bbb02fffb780da05e36ca7af0916a123495eb3bf0b78c0a2421c6200ae1934da57ffef6e5b626317bb6305d8a9b2ecca4a8a991e9f2dd33
SSDEEP

12288:TRD+p8iw5/mPYTiJ6xF41s0wKSXj7BfH6c2PxW34WDTH5oc:VDOZ6/mPU1+1JHST7B/L34+6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Payment-Cop[y.exe

Files

Payment-Cop[y.rar
.rar
Payment-Cop[y.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 715KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ