Siparişi_P[.]O_4029064_Decorgru_pdf[.]iso | Triage

Sharing

General

Target

Siparişi_P.O_4029064_Decorgru_pdf.iso
Size

98KB
MD5

ac9fb655112fabebd6bf695a1005f878
SHA1

48247ffca4ca860bdb30a3f9212c0243841fd861
SHA256

5d9fb7714788f97c046f3b3c1c2a1e02ecfe10686ab6f2696db8d25e4bd86316
SHA512

689601c7c79e00c4921a00f4b5015ba37b00811cb843a305b74b437fd1a4602d317d264861d47c2178c4711468e8fbc0656bab1437abc16f36d5f780d6a79ac3
SSDEEP

768:/6Nyecx7gKng+pF0WeIUDNC6YGcoMcRC7n8Yila:C0ecx7g+70dIUpC6YFoFo78lla

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Siparişi_P.O_4029064_Decorgru_pdf.exe

Files

Siparişi_P.O_4029064_Decorgru_pdf.iso
.iso
Siparişi_P.O_4029064_Decorgru_pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ