contractsample_advis[.]pdf[.]rar

Reason

scan timeout

General

Target

contractsample_advis.pdf.rar
Size

4.1MB
MD5

5cfbbf8631a389dd0d07d98115407180
SHA1

5a670bee17a7b789995a07037734f4e5998209a0
SHA256

05b7d54bc24b66ac763ccbe6d469905868cce2c9639dc77d505fe209f34810d1
SHA512

fad1fb7613f266ca922825be3fe5aabe6dc37d67d3703e96556723e12e5077854d08e80b3986b7c3ced50237ddf6d66cd6850d72d224b2a0f36c85cde4186490
SSDEEP

49152:UvjIzvZnF+eaBeVU9mqpjHfSMA8z/kShQMPyJgeoNEnYCV9+H7ReYihZLcGKKQNp:UynFiMaz5vrzseviHdVUbQlZgxKQZZHj

Score

N/A

Malware Config

Signatures

Files

contractsample_advis.pdf.rar
.rar

Password: YouMakin@SQRLS
contractsample_advis.pdf.scr
.exe windows x86

Password: YouMakin@SQRLS

1024807fb5cfa7a6cb7e5e65b6db14ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
RaiseException
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

oleaut32

VariantChangeTypeEx

Sections

Size: - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IMB0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Xdata
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IMB1
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IMB2
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IMB3
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

Password: YouMakin@SQRLS

Password: YouMakin@SQRLS

1024807fb5cfa7a6cb7e5e65b6db14ec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

Sections

Size: - Virtual size: 124KB

Size: - Virtual size: 52KB

Size: - Virtual size: 616KB

Size: - Virtual size: 4KB

.IMB0 Size: - Virtual size: 4KB

.Xdata Size: - Virtual size: 296KB

.adata Size: - Virtual size: 4KB

.IMB1 Size: - Virtual size: 1.7MB

.IMB2 Size: 512B - Virtual size: 452B

.IMB3 Size: 4.2MB - Virtual size: 4.2MB

.rsrc Size: 15KB - Virtual size: 14KB

.IMB0
Size: - Virtual size: 4KB

.Xdata
Size: - Virtual size: 296KB

.adata
Size: - Virtual size: 4KB

.IMB1
Size: - Virtual size: 1.7MB

.IMB2
Size: 512B - Virtual size: 452B

.IMB3
Size: 4.2MB - Virtual size: 4.2MB

.rsrc
Size: 15KB - Virtual size: 14KB