18092024_0114_17092024_Pago Pendiente[.]gz | Triage

Sharing

General

Target

18092024_0114_17092024_Pago Pendiente.gz
Size

225KB
MD5

c8f301e0def97ef0aaf4c0a225a7ef11
SHA1

efe302a00430e3561960414326a67190063a0f32
SHA256

46dbc8ab5568cc6cd6448cf32589a57f98eefebbafa8f57ec0ecd239480a6767
SHA512

2055fa84b8bf27a97a88abe4c2dfac1018c520310231e504cc2433c6bd5943a757cb444c31e422966492b59e7cd518f6ef549f7ce47f874c6926a78a3b42dcae
SSDEEP

6144:ARVE4ciK2da3BnN9O4TSGmZnKcJZjWhCVNv754rm:8L5Kia3BNBSGmZnvshCVNv754rm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pago Pendiente.exe

Files

18092024_0114_17092024_Pago Pendiente.gz
.zip

Password: infected
Pago Pendiente.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

LY0&t
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
mensaje.txt