PI and payment confirmed pdf[.]exe | Triage

Sharing

General

Target

PI and payment confirmed pdf.exe
Size

1.5MB
MD5

e7a6ceb1e92d347de7fc59f2bdaaa983
SHA1

cbb2980d5fefd1dc982ed46346150b401df81ab0
SHA256

76145dd8fc5f8c21d79d3fa02252e3006fc43d57a87cbc974e51b4975bc10d7e
SHA512

315feb761bb85df9fcb8f67519d602ba39cdaf9c979b8e54616a61d4f4c4045bda5f156d9fb76def2bdc78608611856d9d67764c83107e5c0210d5acd58ae7cb
SSDEEP

24576:raVRQ9cDptbr5YQrM+EOFQCX6QmBiv3aBELJhWEH7VkHG5GJtr:raXt2aM+EMQCvXL7VsG5WR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

PI and payment confirmed pdf.exe

Files

PI and payment confirmed pdf.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 869KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ