Scan_Docs_SKMBT Filled CompletedPDF[.]exe | Triage

Sharing

General

Target

Scan_Docs_SKMBT Filled CompletedPDF.exe
Size

698KB
MD5

c024a4e2e6f55d364dcf366d9c77f08e
SHA1

b101270ddc2305c0e6b9adfd879e52605320c572
SHA256

dec1d1854a2b0b3dd914323f076434ee14831f93672b2e8d361762886c0b2d7d
SHA512

caf6ef86a3d5b9d32c8a35d6357698a22158a43cf08a661477ba111c124463879bd6162a80872935a9cfea739eff42d96820dd78c7dd98d9d23d1e25c3499741
SSDEEP

12288:U3wMMrAkfYfWi8k1+s0EKjnUNfqDqLj48N5Nz8SOa1k78Ve+XX0gyPXw//xlNa2:UgMkAkfYLZZqDm48N5NCElVeC0vPXuls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Scan_Docs_SKMBT Filled CompletedPDF.exe

Files

Scan_Docs_SKMBT Filled CompletedPDF.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ