160b7870db845601bf8c3ea9a2febc10785277295da8872542303cb82b1a3cfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

160b7870db845601bf8c3ea9a2febc10785277295da8872542303cb82b1a3cfc
Size

1.2MB
MD5

cbeb88a9f3864b213e728bee00411f8f
SHA1

1c150f536aa114a4e31b6a4bd5f316c627fa94e2
SHA256

160b7870db845601bf8c3ea9a2febc10785277295da8872542303cb82b1a3cfc
SHA512

8e8062c5523ec6d4edf199a84cde642a44c527286128b5be5b6e98c58de685f361900df13b7dc76c7c1acc9d784a2c6dcf611294b240051f6d11d3d869c830d8
SSDEEP

12288:/wnwVGdEGJePtot4JgjpYX0jwZ37YMd53rD22Pt:nVG+GE2qJYY8o3UorD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/payment.exe

Files

160b7870db845601bf8c3ea9a2febc10785277295da8872542303cb82b1a3cfc
.iso
out.iso
.iso
payment.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 685KB - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ