Static task: static1
Behavioral task: behavioral1
Sample: Ach_Payment_Advice01.exe
Resource: win7-20240220-en
General
Target: 23052024_1347_22052024_Ach_Payment_Advice01.gz
Size: 612KB
MD5: adf375448796e4d3f80067a25fe89f46
SHA1: cfc575914ca0ebe94abf5d89722f6fbfaa9e1ee9
SHA256: c992f916c0381e40b3849ad77534f0bb944e4e42283793fd7ac06e245cd43cef
SHA512: e98fa14ef9a55f05bc8f48cab97397d732c12154b12caaef0d8fd0e39d8fff5b22f865eb9f9ade221ac64840011f2bbf2361042be9fbabe2c7f398dd976c3dc3
SSDEEP: 12288:RJCt63Yngjh38jpvNO1ShvoOJ/gf5jb0qy3QQ5tcGgU0fOYeWiKp6cgxA:G63cihMpFutYjtPEU0m3KIcH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Ach_Payment_Advice01.exe
Files
23052024_1347_22052024_Ach_Payment_Advice01.gz.gz
Password: infected
Ach_Payment_Advice01.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ