Order QW1502 pdf[.]rar | Triage

Sharing

General

Target

Order QW1502 pdf.rar
Size

1.6MB
MD5

e8f24eec6de28ac481876ac5e8c39b53
SHA1

89734c17e9d54a4b638d84bf3c60202c046feda7
SHA256

b61135c1300d75395161127afafb71130bd1930db014cac9262ebda8ab38acc7
SHA512

e0cd6e844316d88f560d2f1a06b7a03c74de6f7dfe6952e96ccce1cf834af65f93b0edded52d7b24a47c7ae29c43394d859bb80824411a74b45a53371e8023e4

Score

N/A

Malware Config

Signatures

Files

Order QW1502 pdf.rar
.rar
nigga b nostartupp.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ