fb8f03fd3ca22b3cdad3f980c3bea82202e673c3c5c1180f6f9e4860d18a641b | Triage

Sharing

General

Target

fb8f03fd3ca22b3cdad3f980c3bea82202e673c3c5c1180f6f9e4860d18a641b
Size

532KB
MD5

204a1961ca198009b7664a090c6c2ace
SHA1

ab55dca66fcbc07910e000c82d2109114ffdc97c
SHA256

fb8f03fd3ca22b3cdad3f980c3bea82202e673c3c5c1180f6f9e4860d18a641b
SHA512

35ee4e22176b52beb7155f59277f2dc3e172c2410bfcacc93f9db1a4607421b58095ad4358bbd98ed78e17d34a4f4032a7eb22a7db0623655c3a124c7fe69466
SSDEEP

12288:N8tiulaXIznx1DSJSnGHJMDAMNHc9CEyaX/U0P/MrrZHIfKjOYvwpzfPz1Y5:N8tiy/reJMGH2DAMZFHE80EIfKyYvKfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Paid76367.exe

Files

fb8f03fd3ca22b3cdad3f980c3bea82202e673c3c5c1180f6f9e4860d18a641b
.zip
Paid76367.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 763KB - Virtual size: 762KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ