23112023_2212_OTP_PAYM[.]ISO | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23112023_2212_OTP_PAYM.ISO
Size

1.2MB
MD5

28b4de11dd5b8be2e8dd9de02c7d71e0
SHA1

0375e9f06daeb84302c728b3f3b79e095b6b5e1c
SHA256

341766526e9621c276c0a9a349f0b8ee6279ef1e23e77216dfdbff0c5625a4af
SHA512

d1149a1aae767d5025c6a65feeed824a4000d3b3614b893993d8e6996e79baaa70d9d563914e4ed9844864225da80066f6d8afb745f40d9228a94d7022ea297b
SSDEEP

6144:dszdmQFMdU8jt/K+USAXlDuKvYys7pEumAH:dCdmmKUurcxrsVEumAH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OTP_PAYM.BAT

Files

23112023_2212_OTP_PAYM.ISO
.iso

Password: infected
OTP_PAYM.BAT
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ