RFQ[.]pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RFQ.pdf.exe
Size

848KB
MD5

083e58bdbf2857a5b263b654c8e18277
SHA1

81049b28dc6f9b42e941de5e48faccba571e0448
SHA256

81d7db908cad5ee4ce1d33b94e0ab8f65025a7ba741d6171b41f4026c226970b
SHA512

e2f0987be7405cab0ad0f2d604fc12bb8cdaa34a28856979ac7ff4dd87dddb78583ec8331709f1f7e24e40b1ff4a1be8c07439908e040d1669c16ddbb9d77723
SSDEEP

12288:W+lO8lpXU5ZkXTu+u7AN7EwRdo/ohIbJ2hNuW8puUaoQ5AvA:W6OA2wObJ2h8W4uBrr

Score

1^/10

Malware Config

Signatures

Files

RFQ.pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 830KB - Virtual size: 830KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ