doc-PurchaseOrderFeb13_PDF[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

doc-PurchaseOrderFeb13_PDF.gz
Size

1.1MB
MD5

a0e7a3a0722e9d93a44b4199a5e9110d
SHA1

bfee1537df639e3fa3d63851e400b41b5c01a864
SHA256

a59cef1b258dbe7533623107408f53e16b79ae56e6f617449b10781ebd854ce6
SHA512

d223f9645902f8d2fffda14c3883c909b4a1249fe315e6a3daec2aa6225f34171df37e5e1a174df2709341dd2460d1c606bb27221d7d06817ea02e8580e7a35b
SSDEEP

24576:UeQnMNbI38abtKTbnkrGntsnZqyR67WDRmMr1BhzWw:UeQnM9IptKTyRh15rtzWw

Score

1^/10

Malware Config

Signatures

Files

doc-PurchaseOrderFeb13_PDF.gz
.gz

Password: gV14p1FyIo
doc-PurchaseOrderFeb13_PDF.exe
.exe windows x64

Password: gV14p1FyIo

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ