btc-receipt[.]exe | Triage

Sharing

General

Target

btc-receipt.exe
Size

780KB
MD5

0c93904abb61aaf75ef8f7210de308e6
SHA1

3eae214dd0cd6051d9dca98392c07085f171f2a7
SHA256

91107f4a383ddb76d6fd153077d57c528551ace7385fb10db1bb3e46c3603b62
SHA512

c9c6de347b26c1b76e50cd3c500d1e7f020810562b6eb257f7160efe8fed4b95d4f664f94f0ec1fe6e12640473098008b6d4d1fbf2a4b5ba05e5f62b20539db7
SSDEEP

12288:J2tgXH3sduObXsHylkxlOG6+iJN+CeS9hs7hh8Txf5NTh3ZUaeso9JTaP5lREAmD:gtTClOG6pf33rehWNt3mJ/S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
btc-receipt.exe

Files

btc-receipt.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

`4]]T>
Size: 649KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ