REF TT2W4566 PAY Doc[.]img | Triage

Sharing

Copy URL Twitter E-mail

General

Target

REF TT2W4566 PAY Doc.img
Size

1.3MB
MD5

95272eba9b2f86c86a3e3f7f7563a287
SHA1

d484e816914967279c17052f17a4be7dba085b23
SHA256

030cc5d3b7ce67dfeac43e05df3ac358a13ad7d4ac724fa920d17cf83833b81d
SHA512

10cd223a254b9ba21862525974f44ae61eacebbb4f9aa5829ad6aa42daae13cd2d8edcd9b4e1712b5ef9b358d7479ecc06453506456df713cf5a139d827941be
SSDEEP

24576:P4uV5h7WqJZMIl3ZiBuQaYwIGERurkZlGO:P4uh7hJZl3nvxzEQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/G0ULQF5Y.EXE

Files

REF TT2W4566 PAY Doc.img
.iso
G0ULQF5Y.EXE
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ