Purchase Inquiry pdf[.]tgz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Inquiry pdf.tgz
Size

1.5MB
MD5

dbf8a64a91ae9c7716f4ffe6b2bf4883
SHA1

5649d0c06772d84fb9a8698be120e08fa8b7e63e
SHA256

468d7cb79759cd22f7ab45bbb4dc5488923656e971ea058b62b1cf26f75698cc
SHA512

87a94ed89fb5f4cb67f2b902012f3d233105e5efafc4723266231c6e893aa1396e61476468e90137c3ddb550a1cb5ddc9293dfea947f1344c664e5e81cfda09c
SSDEEP

12288:ioX4hda2WeOV56ASE3TjH7pTgkE3dnJ/bLoNJhhgBoP8Woar2KBZeHSJYWKnBz+U:iXaH3wDwr7pc/zmgm8Woa6MZSpQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/wRtfUPE7raj1j0U.exe

Files

Purchase Inquiry pdf.tgz
.gz
sample
.tar
wRtfUPE7raj1j0U.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ