PAYMENT ADVANCE[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAYMENT ADVANCE.exe
Size

684KB
MD5

92e0d0c2da2e7371d89f33f4da4681bd
SHA1

fa9daddadbf8c27a11c5b8f91e48e1659a9b3916
SHA256

e451ae19f163ea57cff01b042d69e4e939a1854adc94dff0f40dfbad06c2b19b
SHA512

674dd8dc2e5bd5c8d99c0b48b83a09d7d5093a7eba2df55f7b643b3c3aad8dc9b142f0d47df34940149f6dbfb94358f1d629749a9f2b43def1d9a4cdb7f9cf37
SSDEEP

12288:ftzX+UwfSuNKR0f8gr2qtCUAhMebGlBsxxs2qieMI8WK2kNHIBF5:ftzWSuNKR0f8gr2qtC/YMxsn3MVWK2kE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PAYMENT ADVANCE.exe

Files

PAYMENT ADVANCE.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ