Static task
static1
Behavioral task
behavioral1
Sample
PAYMENT RECEIPT_pdf.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
PAYMENT RECEIPT_pdf.exe
Resource
win10v2004-20241007-en
General
-
Target
12fc3eb689246a4158ae188d5beec837dba5caeef2624f6193f892daf1873ac4.zip
-
Size
470KB
-
MD5
34b0bc743a5326f3f3fca952bc187369
-
SHA1
62290bc1d8e0a631e1763076c90a0f2e452cae14
-
SHA256
12fc3eb689246a4158ae188d5beec837dba5caeef2624f6193f892daf1873ac4
-
SHA512
0025c181bfb5349956faee5c2987a129f0365f0c51a9be81187960d75ac61c64fa67b7296f6a34f00873887f63a5828c19ffc171f3df64395512f5a0fb23ea3b
-
SSDEEP
12288:hcgYTuluZ6pOLiPzJOjRN6uls0/a2AQWZay5:hMTulEkOLi7JWdlD/a2AQ+5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/PAYMENT RECEIPT_pdf.com
Files
-
12fc3eb689246a4158ae188d5beec837dba5caeef2624f6193f892daf1873ac4.zip.zip
-
PAYMENT RECEIPT_pdf.com.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 898KB - Virtual size: 898KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ