demeonay[.]tgz | Triage

Sharing

General

Target

demeonay.tgz
Size

846KB
MD5

b448b8e143c4a2c512a9963133162e89
SHA1

70c8fea5e45fef06fef7501baa25d072b06478d1
SHA256

5dc440ad55871976c55f08048e7411d242a64324065fc91648d8771c2bfabce9
SHA512

3b9be95552400e69262284aa586f1cb032d284b4654d61f7c854c63efec2785fc83d23005a42accfcda9a5e935dc14ebbf9718ab98e8c82aa327fe4d81a8e00d
SSDEEP

768:DtF5w+B6dQn/q7EZnkrBnWEnVZaWTQ2Bp0dAgdH9WOJLEq:15l/VtbWT9p0dAgfJ4q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Ödeme onayı.exe

Files

demeonay.tgz
.gz
sample
.tar
Ödeme onayı.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

QQCSD23424.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ