Static task
static1
Behavioral task
behavioral1
Sample
PAYMENT RECEIPT_pdf.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
PAYMENT RECEIPT_pdf.exe
Resource
win10v2004-20241007-en
General
-
Target
79492cddbfcf0464ed14297447454ccb548db37ecd084477b7a76fa5a7a7ec35
-
Size
312KB
-
MD5
72608777a8fa21003c23437af1c7983b
-
SHA1
51634e2a12f7106672d6e7fc11417623494cb679
-
SHA256
79492cddbfcf0464ed14297447454ccb548db37ecd084477b7a76fa5a7a7ec35
-
SHA512
a947a7ceacefd5f191de9157c809bcf8e0ab323ff56d4f30f80433aed749ef65511beb098aa7f00245924bde7f466877f99c4ce8dfc1bb8b5cd8a4d26c79b031
-
SSDEEP
6144:BjGFtBQ/e8WzR114pc6kIh9HdoRNRu4gPo6Pvm:BIBQ/zWzR1+zkI3HdoRDu4gPo6Pu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/PAYMENT RECEIPT_pdf.cmd
Files
-
79492cddbfcf0464ed14297447454ccb548db37ecd084477b7a76fa5a7a7ec35.zip
-
PAYMENT RECEIPT_pdf.cmd.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 470KB - Virtual size: 469KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ