25062024_0749_22052024_счет для получения платежа[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25062024_0749_22052024_счет для получения платежа.rar
Size

642KB
MD5

e47c41dd94f2239374f442fac794a4c0
SHA1

cf343b1d346a079e93c9d063f214a02ddcd2f6de
SHA256

17ec415846f352da1145bcf8a4bb81bf7f958d9f8859440c58cfa72d4ec67484
SHA512

663cb9312e018411182450c42683b4b140cc2ef73b4d6bf9e897b5ecd6997160925daf569ccb70bb590550efb9c786aef31f55f35ea6732b9edaed995c14da3f
SSDEEP

12288:b6/2nk2UnF55X3l60ennjbgDJDsveLPuSWD8uEBcm5sYsPOejn5zKg18DQwFApwh:G/2nNa52iDJZFZleL9KRawU76

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/счет для получения платежа.exe

Files

25062024_0749_22052024_счет для получения платежа.rar
.rar

Password: infected
счет для получения платежа.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ