Static task
static1
Behavioral task
behavioral1
Sample
13810018959_20220830_09170710_HesapOzeti.pdf.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
13810018959_20220830_09170710_HesapOzeti.pdf.exe
Resource
win10v2004-20230703-en
General
-
Target
13810018959_20220830_09170710_HesapOzeti.pdf.exe
-
Size
521KB
-
MD5
6737fdf49a6b05873d68ee7826531f16
-
SHA1
bb09d30a7e640f76d2cdc82601889f2a60660df5
-
SHA256
ecadb32b71a989d1a6126642c5182dd367ded29aa0a9d29433f88f474d6f997a
-
SHA512
f26788b5f80cf715d7f9336f56b8637ab81b5c3a025ebd8a5070c88610961f83f74025b2bbc2b20c64be52e08fd5fcbc44dadd1b91a588fa7d708c8a857a99ee
-
SSDEEP
12288:qULc/pFSrJ7TzeYGGQXvaUjA4vISeVNLs+7:TLc/pFSl7VG3XjwS6B
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 13810018959_20220830_09170710_HesapOzeti.pdf.exe
Files
-
13810018959_20220830_09170710_HesapOzeti.pdf.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 515KB - Virtual size: 514KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ