PXU422[.]PDF[.]z | Triage

Sharing

General

Target

PXU422.PDF.z
Size

695KB
MD5

a2cb17d8f4b44d28e8f25e35c9bf6ef5
SHA1

bab5932a01e33a80c27add26e890e4d1133dd831
SHA256

f547ec43a3052eff8afc3e21f6fd0915c60cb967af4c8db1e7d9a9cf4fa7de88
SHA512

cb831344f10b0e185e7771eba984671f8b6b5abdef56d1f09b502874fabc98ef62e05f91765b022221ad3c5e9d8f76a467dfdf73adb325f5133c4285076be3ab
SSDEEP

12288:DT6XrO3tjWMjaSiQXsz1EjTjktl9uIstSqFTN/+dcBmFYPwHQMgO4NDUmVzBnD0n:yXi3tyMjaWBjTjkn9uLvr/kc+YPwJbi8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PXU422.exe

Files

PXU422.PDF.z
.rar
PXU422.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 750KB - Virtual size: 750KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ