EMITO SOPORTE DE PAGO; EXITOSO REF-0894-2024[.][.]exe[.]bin | Triage

Resubmissions

17/01/2025, 17:06

250117-vmxxbsxqgr 10

17/01/2025, 15:09

250117-sjxq2stmdr 10

Sharing

General

Target

EMITO SOPORTE DE PAGO; EXITOSO REF-0894-2024..exe.bin
Size

1.6MB
MD5

8ab21403f6935629c7685e341b2dad7f
SHA1

eb94ac71923401db278e1d58d5dc0e59cf634e57
SHA256

055b26f8df8fd3f1fab62c1c3754db2ef3409dbe809482c70c9e33e1bd938e69
SHA512

8b159eb14c33ff9c3704f93f41c33f0d9bba1a641ab6b31a8b8d3b81cb87bc71d8edaa175ad7ba48d6fa063d94fae330f81f86ab12710c37ed0aac16cdf0e5ac
SSDEEP

24576:baN1qB5HhMRAuNoYv34Up45bYvWnbTpoOS2ijDrjVA5Rl2o9HQAdVg:1B5HhMRAovIv2SSOS2iXrjVA9/HQAA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EMITO SOPORTE DE PAGO; EXITOSO REF-0894-2024..exe.bin

Files

EMITO SOPORTE DE PAGO; EXITOSO REF-0894-2024..exe.bin
.exe windows:4 windows x86 arch:x86

1cf44af83fe193f1a81251d93a25cfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowW
SendMessageTimeoutA
wsprintfW
SendMessageTimeoutW
FindWindowA

shell32

ShellExecuteW
CommandLineToArgvW

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTickCount
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
CreateFileW
GetNativeSystemInfo
GetVersionExW
GetLastError
ReleaseMutex
CreateMutexW
CreateMutexA
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryW
GetProcAddress
GetCommandLineW
LocalFree
GetCurrentProcessId

Exports

Exports

_Decode@16
_DecodeEx@20
_StringToKey@8

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 716KB - Virtual size: 713KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ