Static task: static1
Behavioral task: behavioral1
Sample: Balance payment.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Balance payment.exe
Resource: win10v2004-20231127-en
General
Target: Balance payment.zip
Size: 612KB
MD5: d374823e8673ee2f9367f9738b995419
SHA1: 42a0d8d9122637384b6b9997924672933943e7d5
SHA256: 2a044848c113e892dfd68786fcb9f2cc9d8d6777104aff9aa1054ae69bcf4d04
SHA512: c484b2310c353f989864d3c4685f78b5d27b061f6fe66a2661b0089845510bf7ed161fda1370219c424fac7db78d98712522ef850693f108351dec09885de240
SSDEEP: 12288:KZQMiVd9xQPvdGnAfoWz8m5c94IhN8uEUlDRZolaHDjJkf+vzAgZ3Ms:oi3cGAfoW5apEKRJkf+rZ8s
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes: resource unpack001/Balance payment.exe
Files
Balance payment.zip (.zip)
Balance payment.exe (.exe, windows:4 windows x86 arch:x86)
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 648KB - Virtual size: 647KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ