Booking_8986007pdf[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

Booking_89...df.exe

windows10-1703-x64

Booking_89...df.exe

windows7-x64

Booking_89...df.exe

windows10-2004-x64

Resubmissions

16/04/2023, 17:49

230416-wd7kvaag92 10

16/04/2023, 17:15

230416-vsjxnaag22 10

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Booking_8986007pdf.exe

Resource

win10-20230220-en

darkcloud redline infostealer persistence spyware stealer

windows10-1703-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Booking_8986007pdf.exe

Resource

win7-20230220-en

darkcloud persistence stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

Booking_8986007pdf.exe

Resource

win10v2004-20230220-en

darkcloud redline infostealer persistence stealer

windows10-2004-x64

12 signatures

150 seconds

General

Target

Booking_8986007pdf.exe
Size

2.0MB
MD5

d9a19e7a23f38394a1605dacbb4a8133
SHA1

6176db7cb0aaf9f795a5a3f93d83bf0256d6f294
SHA256

85b6f76e0601c8aef7ab41e6e1a321ba8fc61c51f78aee6fd2e35d73e9b4fd7b
SHA512

2a40092e05674e81ba6db6eaf32b676618fd80c86f7a7036c1f0c8a36f1a6c11651b883e01feae09cf1ab76f76c9dcb774e0d363ebee18a5a2c85f16f773c70a
SSDEEP

24576:DfK1P4r3gSFHzB/tg306W7CenB2i2V0KsdCcE1Z4u6OmBwhEI94OFI2/WHXPmj1:04rDjRvQWdCBFShAnA

Score

1^/10

Malware Config

Signatures

Files

Booking_8986007pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy