RQ038023[.]PDF[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RQ038023.PDF.exe
Size

620KB
MD5

f9583365310c9700b74d38295b090e44
SHA1

fac66eb32ef247669fbb1c9b1b9bceac5663493f
SHA256

4431552eb37f8003df4c66bd640a4951c10317aadb858b42d174f461909b4fb7
SHA512

1e4618e7dc8e727aea5e3963a0e75a99ef0f00e305366b639e6e839c3d920b35afdb0f836598dab0ef518e032ef48319442cebb40ba4fa55a605d2aa10259b4e
SSDEEP

12288:4aB5LYDl+CDg/+27lEAr/qUZjUgu3dmtZhJy3TGshoj+zonrKZg2BJPbzPK:o/g/+IlEAriModmtzJASjUorIdBhbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RQ038023.PDF.exe

Files

RQ038023.PDF.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 618KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ