Payment Copy #190922-001[.][.][.][.][.][.]pdf[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Payment Copy #190922-001......pdf.zip
Size

927KB
MD5

3e1f496b8af9bf7d0cc26253e0c7db04
SHA1

e09ddd32bca5a8fcb84097a83820fd4671787dfe
SHA256

e568e95435f65a65f46a0ab764d1b0026dd904c887b134ad6b2f47d1c22df767
SHA512

5c75d4b9a273c14f57dc10a3b343769f3aecc01bbbbc70b5a99582a5e6505268fe9bf9529c20c7e594da1219786ef9025836f1f1c889f7d79c348577738ee218
SSDEEP

12288:FQVSGKoC9DqxQvy/Rqm+jcCTLAlLMF3XbmqxznS2OjwwKWt7+fsPUq0j4d/xQzK7:FjGKoCkn+nTDF3fnpJfssO5Qz9DfeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Payment Copy #190922-001......pdf.exe

Files

Payment Copy #190922-001......pdf.zip
.zip
Payment Copy #190922-001......pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

roIJS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 989KB - Virtual size: 989KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ