invoice paymentPayNGATERRAX24176[.]r16[.]rar | Triage

Sharing

General

Target

invoice paymentPayNGATERRAX24176.r16.rar
Size

597KB
MD5

5e62e731cd400c987d6d62f3a6a47f84
SHA1

367c74dddcf729e66c2fe26c8a233a26fd8b4ccd
SHA256

48a689bb74164a63f1c988cebdc17b55e182f2c1af96bd967325094d301698a6
SHA512

23c4bbbcd465a1cc98a2c064e88d4bb24f6b2fe7fa9960bb61cd853a904bffb3c3e48649ee0243d88da9f07165c01c01e66d83d4aeaa2ac80acc768119616193
SSDEEP

12288:Br7guyKv2ticLPL2gSMO+YSdc6HKOBL5DgebIGrXTI+VVCIIktDO6:6vD2lMO+YSPDDgeDk+V9IEDO6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/invoice paymentPayNGATERRAX24176.exe

Files

invoice paymentPayNGATERRAX24176.r16.rar
.rar
invoice paymentPayNGATERRAX24176.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

yIkC.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ