f55312e5242f14dc500d5e8e72059b5a470afcf9dbf145a46617626874399bd0 | Triage

Sharing

General

Target

f55312e5242f14dc500d5e8e72059b5a470afcf9dbf145a46617626874399bd0
Size

596KB
MD5

9841794bc88dfc8df8f5d80135ebf8c9
SHA1

e2136760618dcdf5dcda269fa76558b94cc28cf0
SHA256

f55312e5242f14dc500d5e8e72059b5a470afcf9dbf145a46617626874399bd0
SHA512

ab213c1a24294cd2a2549616f6980a72a7f69c50603cf6fc1833c4430b1c5b53eb197295bc307fa8e1b3108febb426599dc145cf826af2290e48ce7fc816a438
SSDEEP

12288:PPmx4he4IPBnbxgVDtW98BaxyM5TsmhZ5sRrDUUJdtdaveg:P+x4+Zdg5di35Q+AR3drIWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Payment slip TT.exe

Files

f55312e5242f14dc500d5e8e72059b5a470afcf9dbf145a46617626874399bd0
.zip
Payment slip TT.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ZKX.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 727KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ