F0 50654[.]pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

F0 50654.pdf.exe
Size

744KB
MD5

e8e319a1a9d3b18294726e43039f6fc6
SHA1

c27549e7d5e74108e23a0dbab8ea69a1cec7f8ef
SHA256

162dacb0b8b4e3022e5b72192efdbdfe5faca78cfc7b91501638d5cdc20d489d
SHA512

4887a53c928a304d2f3b03ac74fb15351092c175ebce5b9e5837f28abe6bb10b8ea6bc277274838b1294461dcc73e6a0465fd394b21f04dc4d40d1b895970acf
SSDEEP

12288:8ESFWzQttE3vsAB8qAZJI7vSm4ksSyQwSu2frCE8SZV:8ttE3vDBhWJSSm4UypyfrCBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
F0 50654.pdf.exe

Files

F0 50654.pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 741KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ