PDA Appointment letter[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

PDA Appoin...er.exe

windows7-x64

PDA Appoin...er.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

PDA Appointment letter.exe

Resource

win7-20220901-en

lokibot collection spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

PDA Appointment letter.exe

Resource

win10v2004-20220812-en

lokibot collection spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

PDA Appointment letter.exe
Size

664KB
MD5

03fc597830b1ec63369d51839dc27155
SHA1

b87ca6f7a897c02b5fc76ba530508feb5e0e136e
SHA256

6cf9ce1fdecc2037bf2ba58c7b41bffa214c0bf5fa53e5949259b0fed81b34e0
SHA512

3b039468b663de4696e795c09db3fcdccf50130c1ec40fb1352a8bfed0c33f0188fefc7d863f219e87c7b704b8d3afc085fe88b1edd49d84fa8a0a1891657aa1
SSDEEP

12288:7wN9jXnu0bl9eONs9XmjaMrbKMMR0b5Yl8QTlIAjht:EN973lcXm/KMpb5Yl8QTl

Score

N/A

Malware Config

Signatures

Files

PDA Appointment letter.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy