General

  • Target

    01072025_0620_26062025_JUSTIFICANTE DE PAGO.rar

  • Size

    1.5MB

  • MD5

    dae0c6419eca5adb5be73ee06c3e8e3b

  • SHA1

    65e4a8422e1c4c3686c117ff0cc7dcd09bf725d3

  • SHA256

    1128b81c3594f37f526d03bf96e6a604b0771dc0972b20ddab1a8eecbf002990

  • SHA512

    d06e47ab822d7ac2e83147d3cc909d354352ebb4b295e2a883096be53f46c4d1d05bc3fd0f111927e4b5c73c41c15a79237daee4d67daa9c2cfe8d31330a08c4

  • SSDEEP

    49152:bjWeBlTeoEOnm81a/lpcv4nh0jgvfMhtqm:XWUlO8Q/l+wnzOtB

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 01072025_0620_26062025_JUSTIFICANTE DE PAGO.rar
    .rar

    Password: infected

  • JUSTIFICANTE DE PAGO.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    b34f154ec913d2d2c435cbd644e91687


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    3e8d18bb71c7ebbda2ddc2a4bb03547b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • Forpligtigelseserklringerne19/Efterkommelsesfrister57.Pap224
  • Forpligtigelseserklringerne19/Maturity.Ort
  • Forpligtigelseserklringerne19/Redrag.afm
  • Forpligtigelseserklringerne19/asedes.aft
  • Forpligtigelseserklringerne19/dvler.inv
  • Forpligtigelseserklringerne19/hideling.ini
  • Mrkningerne/tilskudsreglen.pol
  • Mrkningerne/trilaurin.jpg
    .jpg

    Password: infected

  • Mrkningerne/tronprtendenten.txt
  • Mrkningerne/unbluffed.ini
  • Pingfeng242/nonreading.ret
  • Pingfeng242/sejlklub.ini
  • Pingfeng242/soubrettes.jpg
    .jpg

    Password: infected