PPAP-EDP F-678605[.][.]exe | Triage

Sharing

General

Target

PPAP-EDP F-678605..exe
Size

838KB
MD5

8fc0f2641714f0e67e0a7c0b9a736c93
SHA1

8e9affa0c7dba687dbd559f9ee1cdb86119dd856
SHA256

864fd318ac33d9788aaaa7ec0414ace672ca381ef2f7d4d878e3e4789c9b8976
SHA512

2125459a5f49d92c1163526e6757f1c85362f5084fb109d8bae70dcb0473b0e12aaefd88987a29b24dac3fb25944513787c6a3ee75edb36802b702ee59ecd014
SSDEEP

12288:QF361h61EWGHNsCyopHGA1imK4ZvpgeTwRhwvgdVgTUA5XqfUyP7r9r/+ppppppp:Q4Y7GtsfooAMmZvpBkMgMH5wUy1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PPAP-EDP F-678605..exe

Files

PPAP-EDP F-678605..exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 626KB - Virtual size: 625KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ