Over Payment[.]jpg[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Over Payment.jpg.exe
Size

906KB
MD5

82eb97b549a1669903d69583959a739b
SHA1

4343b8316ef0142de3be399923b6ecc89c8b1cda
SHA256

a6626b46f5d4c12a3852016fbb3d7ce8c16622d2d7518d2a5425651290363ada
SHA512

e383e58cfa537af92e0f2394237dd3333dc84d20a65d66c069c3a87fb3f7ce1a437b027ca066a600ed38ad47c2731e437c2e078545168e4b3b940faf3f10d4b6
SSDEEP

24576:/yeN3QgTT0KH1MgZ4PPsgnHCl/7a0j29:/yehT0AMgqsgHo7dG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Over Payment.jpg.exe

Files

Over Payment.jpg.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

pmpc.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 903KB - Virtual size: 903KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ