Booking-Document[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Booking-Do...DF.exe

windows7-x64

Booking-Do...DF.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Booking-Document.PDF.exe

Resource

win7-20220812-en

redline new20 discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Booking-Document.PDF.exe

Resource

win10v2004-20221111-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

Booking-Document.zip
Size

1.0MB
MD5

3ee5b16d06e5cd3d2f7e8e3f7e2884ac
SHA1

6085a7a25141fd0e1caf55e1ac8f8037cae1efac
SHA256

701ab8670fbbdb9abacbc96af5516a416bb8fd818e716b16d62eb5bd3554f266
SHA512

4b69bf1eb91fabfdd9d743f385d4fe5dfa07087e74005c0a8881959f45c7bfed849979b9377c3c72c2b953d50fde96fab0d4c2f6c5ce12e3576aa14e81b08466
SSDEEP

6144:40cJi5oMr/edPaWaKa7jWcTBcHw/fziPcEFPfLQ9kqtr8BcMvop2E1:lcJieMr/edk9BaFnFPf8821

Score

N/A

Malware Config

Signatures

Files

Booking-Document.zip
.zip
Booking-Document.PDF.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy