PO71024[.]PDF[.]IMG | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO71024.PDF.IMG
Size

1.2MB
MD5

2c6258f4698ac6c55efdc040bdd5d9bb
SHA1

93858d386a756fc0f24fbe7114ec089f99ae993d
SHA256

c38d96c6a0b05a379db54a58476708a562e704f8a4b8be587d6341bf60a7f7b3
SHA512

d5eacdf9c3332befb223781301f94407a16f1180ba1540f785ad07dde83bfa1c25e860c1353059eb83ca5c5dbbd46cb19be5ac90f3d0209a1dce8edc63fdaf9c
SSDEEP

12288:LZ5rrxuzELXJUsfoxI1xyyO0uw2BH4P/fC12z1Rezgt+b:95rVZTAxIuauwbe2/e6+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PO71024.exe

Files

PO71024.PDF.IMG
.iso
out.iso
.iso
PO71024.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 533KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ