PDF电脑客户端[.]exe | Triage

Sharing

General

Target

PDF电脑客户端.exe
Size

402KB
MD5

9613c8f8152cf689f7564ed46a5d115f
SHA1

43eba89d72b45c027e4a4d71c4c6f09c98fda201
SHA256

f5065fd6bbbc50d4391672d8ae1ff4c350ea6835d91b30ddab183fc88dcb2afe
SHA512

014d01a57d6f1d69f692a005e488e5169afd421d8a15d0e17ecc2bda3a2d56af5ded9e576798b9196922b41f85d64ddfefd16b4ad60b5a38487183947dd7792c
SSDEEP

3072:a7k4kvIlwVM7SiOcY6Ryie3lmFdT4Ls1sYmw1UOM:Zu7Si9YuyB3lmXTucsYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PDF电脑客户端.exe

Files

PDF电脑客户端.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ