SalesContract_pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SalesContract_pdf.exe
Size

780KB
MD5

f1674ed05c13b5833fcdb769c1b1ed89
SHA1

0b61936edf30ccd23f6b70ee6cd79cc61fc712c5
SHA256

ac39c17f070f097e41f41579a26b8e381963fbd103e56cbdfdf5d25205c2e167
SHA512

0ce07e99639743c429368cd64ab4d83f4e54ee646bbbc3bb20e818cadcc504743f8bb4292687a859b33f99777dc9f94ccb3d677beed940050f8564cf32d1853e
SSDEEP

12288:WWK2iNvMAdT8DDItkBIe/5uUgIZd/DtfLh5:E1tVT8DDXWeA7IZd/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SalesContract_pdf.exe

Files

SalesContract_pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ