Shipment Documents,PDF[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Shipment Documents,PDF.gz
Size

644KB
MD5

9d4d36df1e6ed8e2d5c06b485c04d5d0
SHA1

f2bef5b306db86b190fe09f68b53315a81304986
SHA256

cbbd927a5ec561aebfaf60191731bb7efa26dc95d8fdd5017bff1c62ee7e3837
SHA512

a4cf98e58797b9bd4b5a6caa6cf0e5a56325a8b2dc62ef3958e1e839b7622af0425cd40b9467e9398288fa6177f974f8107bb461f8d4bc4752af6b8eadfa0c0e
SSDEEP

12288:+CDOaJnwmvDvswmeQ+Aqzb34WP99jzGUcQWCVpditzSiUxTpP5AxPXclOo:OaN1jsgNAob34WDzGUXW+dSuiUBFutXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shipment Documents.exe

Files

Shipment Documents,PDF.gz
.gz
Shipment Documents.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 753KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ