PO-23-0103000RPM[.]PDF[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

PO-23-0103...DF.exe

windows7-x64

PO-23-0103...DF.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

PO-23-0103000RPM.PDF.exe

Resource

win7-20221111-en

agenttesla collection keylogger spyware stealer trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

PO-23-0103000RPM.PDF.exe

Resource

win10v2004-20220812-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004-x64

16 signatures

150 seconds

General

Target

PO-23-0103000RPM.PDF.exe
Size

823KB
MD5

f623a5768af272301f33b27655fcbb90
SHA1

74b12a26b9c94a871b0d89c000b73182a9aa3f4d
SHA256

92d13e09fd15a7a89caa8753d0fe0f8be6ac49f402a4bbae0da6a6bc57d21c33
SHA512

1390ac48156c882e26e35949b99242980b4449b828731691dce92ac51828757acd86353022b0c69cdbce85f1ee37ea46403752a9b93e7f8687457533ff19aac7
SSDEEP

24576:UA3XrxN5IC54TWMWpRo0ysh23SxqoS8w0b:DrtgiBpG0ysAGqr8w

Score

1^/10

Malware Config

Signatures

Files

PO-23-0103000RPM.PDF.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy