Zahlungshinweis[.]tgz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Zahlungshinweis.tgz
Size

1.5MB
MD5

c8d2831a950a3df90e7c5623df9468e2
SHA1

d8c39992ec905d72a63c7e504f5ba4931ad98ad0
SHA256

f8aea5126683644a2292b8c285cf0efe942771298b6eb9f68013b3072080f7aa
SHA512

cc458f5ee0fba5c45ff48d533ebb5318164578f0dd07918bbc21654691cb869d4169ef443a444b52305679690bf08700b135e331142a70c567dc46dbfb0c7a43
SSDEEP

12288:UC5XPcDhmX1Cpa1uOq0esbopszQwC1Yog+e/5NysWJSNt0kKrW:Uckispahq0DboOQB1YozYB2SJKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Zahlungshinweis.exe

Files

Zahlungshinweis.tgz
.gz
sample
.tar
Zahlungshinweis.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ