PROFORMA INV[.]pdf[.]exe | Triage

Sharing

General

Target

PROFORMA INV.pdf.exe
Size

661KB
MD5

3d001a5535649fc075bf5f8badfd9dbd
SHA1

43144b7961725f461084f8798003ba94fb20a58c
SHA256

17fc4205571ea12188b9ed8b5659339e305ebc54bace4e3ba62c72c6b61cdfcf
SHA512

5136686e6fbc8e48f4103def7ab9996709080969c2b413d27c4010165cbc3f7b5284875fb1d8009a4115110ef64d9028659aee2a17d00bf250b6785ed7d1e622
SSDEEP

12288:UmYCfC6lnIFae5+clpuDUpmnjfArEO9UlPJB1F7RMUM:UmNq6lnIN+sVEjfAgRBJBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PROFORMA INV.pdf.exe

Files

PROFORMA INV.pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ