AMISTO2947HYK[.]PDF[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AMISTO2947HYK.PDF.exe
Size

743KB
MD5

542095e8ac63397ee8b327dcf278fa5b
SHA1

31f1a04a2446f9fdd6f43cb3965b244f1311008f
SHA256

545e2d4bcafcfebab9664792284b2783e65a355b70f09965832ce161c7d6659c
SHA512

c36f8ad3f3e9092cdb37f9aa453d678e78d860be6db4efcb15adbfbc27140e9b38c7df6d127de2ec3084631b6732e7fc0b9e8def94acfb3e66cf9d2673e4b679
SSDEEP

12288:oNAwmoQ3O1KidhxG9LievJucZiUIUKTZTJxFcRnR:Twc+HdhxMLZvJfp3KTpVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AMISTO2947HYK.PDF.exe

Files

AMISTO2947HYK.PDF.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 734KB - Virtual size: 734KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ