EX773457346594[.]pdf [.]cmd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EX773457346594.pdf .cmd
Size

2.8MB
MD5

f780201205d2af842f006f6089900116
SHA1

8ed2915dedd26b99d8d607cd09d448d5493607ca
SHA256

ed76610c343412caa9f838ca1239028c6e6a6cb789a0f9272942a8476c25eb58
SHA512

c616151c8f1abe10212b6eb4b9aafee591e72ca21cc7b5b18328941606aa8ccc94393185d235b496692711b2f2ef929278797a81993db8ee4207b1f3366defa4
SSDEEP

49152:AzR1jrXZR5dgFPj2NxOp3Vgpo+MYyHqTPHqIlaoI0mh4dA:AdhrXZLSFPj2OpFmoHY9LHqoI0mqd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EX773457346594.pdf .cmd

Files

EX773457346594.pdf .cmd
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ