Payment Comfirmation[.]exe | Triage

Sharing

General

Target

Payment Comfirmation.exe
Size

772KB
MD5

86c532b1132630146227a27f3179d897
SHA1

8bd4224bf2079d60e6fef9e40ab7bc1ea391315a
SHA256

6be92b0d491f6d5d7f65e01a3336aac1155f091ad6def08b541e07b68eda3bb4
SHA512

4272bb687f400e0adcf8a5c2b48d7d4a5d4a46e5cde9b2f5d4cba50030842bb8ff0b14658308fd059730a2e4c8acdffabc5da510b9679c530ab944e50ef7896a
SSDEEP

12288:Dvdi9wecl9iWse2abS7m3hoV1QicvYxJqd4trX0ir31DPyKI:DI9weFW+abrh2UAP7RXRrlDPyKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Payment Comfirmation.exe

Files

Payment Comfirmation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tEKG.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 769KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ