nPO_331602024[.]pdf[.]cab[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

nPO_331602024.pdf.cab.rar
Size

561KB
MD5

f0fe4f6370403ea60ac56da33635c60e
SHA1

cb2ca7306b8df952a4135b1f3c0b29b82a85a065
SHA256

4e954a344852083bd1d758863fedce40b2c96f679fed9f77d1f00e01fde77b1f
SHA512

359976dcc95c201581e8b185ac971ab5be496c765f7a2d02cfb825ecb6f71f6b12f0ec21d7a8e5be203683f3018a33776be422275eb959acc3e4de411ea5a9cb
SSDEEP

12288:9e0b0WkJFW2zrqc4vXcVEJt30jBtECcpS85WazDSouLNGGdZ9I7R2:9e4kJFhzr14vMWJF0jAC6AiAI7Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO_331602024.pdf.exe

Files

nPO_331602024.pdf.cab.rar
.rar
PO_331602024.pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 569KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ