SGP191001000045pdfz[.]z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SGP191001000045pdfz.z
Size

520KB
MD5

473dcdde668b44ac917601f5af97a598
SHA1

52c086b963cc71368cbdc0a22a48024ebda75c3f
SHA256

14bd4f95bb503d8706eef510d1e028cf88d99a6903a585d72d441007c6fb44f7
SHA512

c803e68aa4a0bd30281c6cec455f515b04cab7c50f73b0cc66fa7090d513490d9daef88ae75bb69232a68d21958327ec9b478d20d74f2af87118685f7ef346a7
SSDEEP

12288:4X6110iNLDTfok5gf05SEzSeYP9bdZMkc4/3Mcx1HZplo:4q0itDsNsRe/5dZMkc4P3ZZpC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SGP191001-000045.pdf.exe

Files

SGP191001000045pdfz.z
.rar
SGP191001-000045.pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 563KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ