QUOTATION_JUL7FIBA00541·PDF[.]scr[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QUOTATION_JUL7FIBA00541·PDF.scr.exe
Size

1.4MB
MD5

cab2af047bf8d4087e34835c44af389f
SHA1

9b4cb7c04ab935fb4e9b2d4974140b974245354d
SHA256

97b9d63fe195249b2862a13c72cc88f4cb736f846eb91188de18984c231d168b
SHA512

5c56bc106781d5f592bed795e4d60798ee7aee6d098953621e9e396c8e53a87375b44d2acc9ae3814a21111b0b30c52660ed3a8c479e9ae5ba1367d81b6e2fae
SSDEEP

24576:SkWWGgI5YSHhvQ/oN69h/bEeBn+A9ZjUFffLQcYP:iWIYSBuy3eB+AfjUFrQcy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
QUOTATION_JUL7FIBA00541·PDF.scr.exe

Files

QUOTATION_JUL7FIBA00541·PDF.scr.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 916KB - Virtual size: 915KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 479KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ