PO #GM88997774566096764664665[.]pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO #GM88997774566096764664665.pdf.exe
Size

445KB
MD5

7d3d5e26cc91fea1694104bf1e310069
SHA1

ed46a72858fb631514f9ab1a8b97c52e6bd7189a
SHA256

c908409d7384377c46b1c576f8e44032f1ffb8faad3ff61bbcf4496d1a6f0b54
SHA512

137882568bc76216d668b3e9a7663b8287dd30f2b2852db8eb35a0f37a280d7eb720630ddc3d35bcc811ccada9085672b8dc2b786e878b0a992a4838f4745c29
SSDEEP

12288:Jy+qzuu9m2l2zNDoAO4nzat/l+UoB6ZuJomvCkSwzE7TZ4c:Jy+HucRuYzaB7dh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO #GM88997774566096764664665.pdf.exe

Files

PO #GM88997774566096764664665.pdf.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ