_CN01 _REG1 _RSPVLN2 _333[.]PDF[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

_CN01 _REG1 _RSPVLN2 _333.PDF.exe
Size

13KB
MD5

f81ac74e9b4f6699fe4123701c300475
SHA1

4e003d1ce2495a7c27c14d8c9e893f87840eb5e5
SHA256

9020a50d5dfe5b11c0bcdd1d2c73347de27510eefe67d4d0f37d8d50fe8f40f6
SHA512

0eb9fe85045ebcfa3c21704e6a9155e3f318d42c86efc3ddaf659d510dbfc2936dd30f17c0bd5652f3fceb7013b4c18d250f16710f696d5dc95777899fcaac88
SSDEEP

192:dcyeYOFKOpyhWnE798uUAuoB28GNPklM:dcbYeyhOE798uvs8ikl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
_CN01 _REG1 _RSPVLN2 _333.PDF.exe

Files

_CN01 _REG1 _RSPVLN2 _333.PDF.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ