z1PROOFOFPAYMENT[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

z1PROOFOFPAYMENT.exe
Size

963KB
MD5

3b8dd99d65b19a84a276a05804005790
SHA1

c300f31e8e67b4bd92504b94d5d2294b0f8ef5cb
SHA256

efbde8c3fc0f8f18b6b2c93fae4c7aaaa137f866a9d112ebdc534b8477485261
SHA512

6c15f448fdbe5cd63fcb010aae0aa253f9a9702d1edf7527ab73917896fd83b9f5bbd25f8494deabf7c612f7cf3448115f4f9925beaedf395e534158fb630bb5
SSDEEP

24576:uC8wC9aeW7T4WfjBrAodA0bbwkTQ8NmCQN0iiLX:uCG9+FvbzaCQ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
z1PROOFOFPAYMENT.exe

Files

z1PROOFOFPAYMENT.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 960KB - Virtual size: 959KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ