Static task
static1
Behavioral task
behavioral1
Sample
BL2716919550.PDF.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
BL2716919550.PDF.exe
Resource
win10v2004-20230220-en
General
-
Target
BL2716919550.PDF.exe
-
Size
900KB
-
MD5
a8a10f16d378235bbee385cd47ae041b
-
SHA1
2006595f2c0e2859eda8f344ab4b8cfc600e9b34
-
SHA256
dfb099e4d381a076a936d5aa228763f7bf00e0c5fd80ced6437511a3101c33ca
-
SHA512
aa7d4f42f8e904dd1d0547e5366edb1c5378f94bfb6ba53c7ef9efe4b77e5aec08c8a82c3579639f2eb79c482090bf284127de863de31d2acd0e2138865ae1dd
-
SSDEEP
24576:SlI9BqmycgiH75BWt0gXNGVufX793cApE54tPsshnm:SW9Bqmycr7ysVKcX54Zs
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource BL2716919550.PDF.exe
Files
-
BL2716919550.PDF.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 831KB - Virtual size: 830KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ