ZD3952023pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ZD3952023pdf.exe
Size

195KB
MD5

d075742b7e107166c4de51d071076db8
SHA1

185ccb82f2aef1e63fbfec2e2010d999315e6831
SHA256

018a3bc93803892ceb431a362450a0883b02c2e097865ce39d0d9bf1549cfcfd
SHA512

f931da8fe57fd19997f6a69c0ccfea82a853f5ad54682e3f0a3a33cf228f14e3654e2a02242ea10a0830a1a8fb2626c0379cee1d400bc39f3d6ad22c88e7a32b
SSDEEP

768:a1fhKrm/6KArT/WE8MsWLiI4WEf5OCgaZ78vWMSicm:a1fcrmixqtc8NxMSin

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ZD3952023pdf.exe

Files

ZD3952023pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ