Static task
static1
Behavioral task
behavioral1
Sample
PROOF OF PAYMENT.scr.exe
Resource
win7-20240221-en
General
-
Target
PROOF OF PAYMENT.scr.exe
-
Size
670KB
-
MD5
11b19b59f657910f0af49721a77bc2dd
-
SHA1
3078779d892bd96e5dfddb76d491f52eefd39a2d
-
SHA256
c03858657307a20f2da776ba010c76495276e80306c19b70f44342c8bcaece85
-
SHA512
de92458acc1341bd5db1ca3f5542339c5e06dac938903efc9c9eeca234058a92fb1e99bdb94c547a7126dfe033c300beb5a8ef3ca63dcb61bb6dbd397b7602e2
-
SSDEEP
12288:EWYIPXjxannnHg2g2Qsj2kGPBjQW/dAOAbnB4BziHmBOXB3NEqRFnj7Qu4YCgca:EWYIPFannnHg2F2kUBjB8B4BOHLXcqbh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource PROOF OF PAYMENT.scr.exe
Files
-
PROOF OF PAYMENT.scr.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 660KB - Virtual size: 659KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ