936f6480b7bbdfc5b75cb7922590c16663c790bedb8c34495468226cb0ded619[.]rar | Triage

Sharing

General

Target

936f6480b7bbdfc5b75cb7922590c16663c790bedb8c34495468226cb0ded619.rar
Size

520KB
MD5

0f305d905b75f0c7568fb843527b65cd
SHA1

d4f12cf724ce019b8d261a8b4c5f60986becc82e
SHA256

936f6480b7bbdfc5b75cb7922590c16663c790bedb8c34495468226cb0ded619
SHA512

87a4d7c4ceb70b252ee319fe415d0fb403d32cefa0902c9cbe3c54113d9708c0bf17a6934df0acfdb7ab527c365dd1b84a5c8f2ce2f7417a9cafc727d069d204
SSDEEP

12288:mRthtumX0AhMg8Tx/Ggu2CINBLF03vFpAlPVXP:OjumXpnN2CiLaFpAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/GST e-Payment.NET.CMS4006900371.exe

Files

936f6480b7bbdfc5b75cb7922590c16663c790bedb8c34495468226cb0ded619.rar
.rar
GST e-Payment.NET.CMS4006900371.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ