Dekont 1001929 11102023[.]pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Dekont 1001929 11102023.pdf.exe
Size

580KB
MD5

fcc77de74364440a6aec94c1d283ac40
SHA1

4abb3f76dddb852bd310b6b001a3e9ec8ebdd38d
SHA256

91bff23f123fb307a7baebb69281c6d17f65fc7d3c7891bbbe7df3b486e4d10c
SHA512

b52da479b002242d71974803e2e1647aa94eeac2f6b548692c25837a0e221b3ee87e032622582af7559d7dcb49660f66bca02f7a489de251687925e664326794
SSDEEP

3072:9z88Ptd2epEFbMkbNZG46Xz3kFE0bFd+m0de2fcRMBLEFx11Hiv2MN+NFh8jG7Q1:9z88BjkbNNhNHG+96+NFh8LKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Dekont 1001929 11102023.pdf.exe

Files

Dekont 1001929 11102023.pdf.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

k*wFS\
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ