Outstanding Payment[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Outstanding Payment.rar
Size

648KB
MD5

68508033be679139e5d59b3f32429fab
SHA1

73893b3bdb9dffd9239428da626d17fd844d27bb
SHA256

95e502ac566d62e3930ce23cae0f68209b3f5ea75f27cfc17fa62004a0fb6556
SHA512

5963f82b629bbdc468d5671d53855fa24e4bbca95c2efa419bb60dd75d9c516ee1e59aeefb52bc2cd150b10cefa668bf936916a4e2d1fc6bb65a3a5ae2e027b5
SSDEEP

12288:HvXhpZ+MFOkXTXynnmjTp9kEGtNAlYvXRFpedGdSyVuJBr6wsIr:HpXz1Tp9qNpvhzeda1c6wj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Outstanding Payment.exe

Files

Outstanding Payment.rar
.rar
Outstanding Payment.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ