f0aa8c80b1025888e9d3ede6ead19f1c7b41ba4b84ea4333694ef6be08d44870 | Triage

Sharing

General

Target

f0aa8c80b1025888e9d3ede6ead19f1c7b41ba4b84ea4333694ef6be08d44870
Size

1.2MB
MD5

48bd2d7482cd826e2d1f5b45a6fd358c
SHA1

7642953a58a6227c099c6a36efcf9e4168668a4c
SHA256

f0aa8c80b1025888e9d3ede6ead19f1c7b41ba4b84ea4333694ef6be08d44870
SHA512

7d98a5b160a107f4c57f9d536dfe0702e3697717e972d769c05600aef2c037019c8c27911ef72afcb4472fb248340f2216b0fbc0adef953a6fbfaeaaef6eb995
SSDEEP

384:tOVPIn+qcqIV1lBeDQEXpvGTTmPj3UQ0fnFfDhc:EKnsxBeDv5uTej33+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Payment_Notification (64).exe

Files

f0aa8c80b1025888e9d3ede6ead19f1c7b41ba4b84ea4333694ef6be08d44870
.iso
out.iso
.iso
Payment_Notification (64).exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ