Purchase-Order[.]pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase-Order.pdf.exe
Size

1.1MB
MD5

11bd259bc91d1c2c78fc49db8b576c6f
SHA1

9ac30e41b01597dfa42024cb491ea6ac8922a6a3
SHA256

5ad5b73c0bc7325d96a68f35c1a84b692073395b00738c1f31ab5a4f26b131f6
SHA512

fbff8db3fef72a64d33efe4e2138b06b48949ccf61847aaaa316c00f1ae09d1fbf19b217e7b0f2c7ae659d5daff2ceca3beab754cebb361fd8b08de39e9f5c17
SSDEEP

24576:RXLCP12zVZ97t2ecDjyq8V4Mzz2WXP8Ay8:dCAR37t2RHyq8VHzdkA

Score

1^/10

Malware Config

Signatures

Files

Purchase-Order.pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ