13d4b5daf8b330ea265b54b0b90028d8c3e67578336cc9557eefd962bb0f9eea | Triage

Sharing

General

Target

13d4b5daf8b330ea265b54b0b90028d8c3e67578336cc9557eefd962bb0f9eea
Size

606KB
MD5

edd0358919d734212a82093eae9f65a4
SHA1

3a4f4aa36c4da0b39a8fd048a580db56cc05bffb
SHA256

13d4b5daf8b330ea265b54b0b90028d8c3e67578336cc9557eefd962bb0f9eea
SHA512

f846f1a28582ff72826a7f0c78e01e0f4d5329a2b62fc2fd7141382db50572131eef18631d2d019bddfd451e01c759b9c25cb33525c74afd69ef333f35b67ed1
SSDEEP

12288:Br3+dDulM3BxlSKTGS63AojAG9WReFaquu8TMWA5:BuK2xxbmwojAuUCBuplO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO_INV Payment.exe

Files

13d4b5daf8b330ea265b54b0b90028d8c3e67578336cc9557eefd962bb0f9eea
.rar
PO_INV Payment.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 831KB - Virtual size: 830KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ