26072024_0257_25072024_Shipment Details[.][.]IMG | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26072024_0257_25072024_Shipment Details..IMG
Size

1.4MB
MD5

3dd88a362c6a20159451f92e69f438b3
SHA1

33d895f00f6535b5452b124230a52abdc0ad8b49
SHA256

437945c89a32a31cd1ce1b71b24e850af688e7b16ca5e9986568cf473cbd5bfd
SHA512

0236144e2a03c954a6653490f5272bb69e4f6f58a8793a32f51572a5d30e75b145b3615d7f728bae813f8b82cab9964ea7c6704e302fbc765d5f70e9d1da5fc6
SSDEEP

24576:Cnyde/P9JRC9/qKVr9irfZv5Kb0gVDt/Aoso:l+PtC9/qKl9uxvsXVJ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PAYMENT_CONFIRMATION.exe

Files

26072024_0257_25072024_Shipment Details..IMG
.iso

Password: infected
out.iso
.iso

Password: infected
PAYMENT_CONFIRMATION.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ