29042024_2033_29042024_FACTURAS[.]gz | Triage

Sharing

General

Target

29042024_2033_29042024_FACTURAS.gz
Size

540KB
MD5

13070e9f01202d39650387bb7907dac4
SHA1

842021b33a86183b4f633bf45b6f8ae35c307a5c
SHA256

e094ddee9220fb1048fe7c0c92903f1ff69cfc867e82e11801c4c883fe5abff1
SHA512

362e66a8ddc8dd4241102acce183e4fb4290ef9b98e4ccece251b105e274d239286a7106b97fcd72a3586c941b7ee9dc4b4816384d78354e313a95652701f2bd
SSDEEP

12288:n5Y4cCOEWFr2zPSKshrO6/agYBBImlmHUhv+6:5YQg4SKspO6/azSmlmHUV+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/FACTURAS.scr

Files

29042024_2033_29042024_FACTURAS.gz
.rar

Password: infected
FACTURAS.scr
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 950KB - Virtual size: 950KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ