rCita-00373________________pdf[.]exe | Triage

Sharing

General

Target

rCita-00373________________pdf.exe
Size

991KB
MD5

ac7b9f4d37fa2d99c4378ca00b247907
SHA1

0f998dee4b813821192a675d8a96d4cb0c0c91ea
SHA256

6e57cd573de3d14fe09f11364476b54f2b935d545be1258ee843d31573846622
SHA512

1826369aaa67a16c6dd68591315f519c98279c4fa5969e4b42db8f80bb1427a1b8765eb4a1ea15a1d8f8b44975bf8dca2f3e47058714757f83d6733aa4a7d259
SSDEEP

24576:FB94uQFPPHcDuDSqbjHQ/bHImc2gdNeF0SvRd6gKJvbdlA70:L91QFPPa4Sd/DS80cs7vbdlA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rCita-00373________________pdf.exe

Files

rCita-00373________________pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 989KB - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ