PAYMENT COPY pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAYMENT COPY pdf.exe
Size

687KB
MD5

177a334c4335f6647e5e5137293cb907
SHA1

b51d35a1f8c70ca9d670731d75cbb3bd921b09a5
SHA256

950754e261538834ac3563cd3d382b5f1ed40acdcbb17b775ee158e10c827d5b
SHA512

3e21ee74c58dd40c497df2732c654c5a5b4b648d646ce11b4ab88a71068be74c4c30e227929081712cfe65ee6970c395572dd813b8f8e3d7f315c0060bedd209
SSDEEP

12288:D6jmQ2iNDHr0v2RaGEhRr7Y6HG4kPzn3O3/imIVMowrdsxzkpPDWy8y:+p1ZHwORaVhm6HkrmqVOdsBsD58y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PAYMENT COPY pdf.exe

Files

PAYMENT COPY pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ