Shipping documents038PackageParcel Delivery[.]pdf[.]iso | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Shipping documents038PackageParcel Delivery.pdf.iso
Size

118KB
MD5

821e963a7fc71c268efd9d8570436a7b
SHA1

47db1caf340c3bd155210f183158c37a94f9d7e6
SHA256

1741a2a5f9d1cf65c1f1971ebb58632493f404c389fdc70f0c62794f02aa760a
SHA512

ab0208f242ec90a81212cce3fb17733ff149e85e7c675483135a61c5142992fa67ceafec24527cd91bf427cb72dc7500eed73428a78b6e6622680b0164953d77
SSDEEP

3072:WcUH8GTEMq/p0iCCeo39pXyXRrStEvHuCMngApO2iUIrYq48:WcUcGo70iCVo3Dih3yXTnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shipping documents038PackageParcel Delivery.pdf.exe

Files

Shipping documents038PackageParcel Delivery.pdf.iso
.rar
Shipping documents038PackageParcel Delivery.pdf.exe
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

tg!#+
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ