PO amount drawings pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO amount drawings pdf.exe
Size

720KB
MD5

03fff870c9ec132b66dc6cacd1b88f2e
SHA1

f2f10f1ee3efd755db76de35252ca89de52cdcb2
SHA256

4f89a3ab1146a0513cd923bd8f66604c81df7e90c2e526a8dd3dc96c5dd1a68d
SHA512

4ce612ec32d71f8e421583a76fdd95e6aff7f50e20c7dbbf96a08ca60f072b53d98822267601df3b1ffc2f53818d68d5dc5335a5c77d69e99641f993ea216b31
SSDEEP

12288:Oa1EEIoIFFHgeg/c5RU2BCqUnF7cdRBT5bFP4HGekLnXYmUyWHmqWSKxqAq3JfD5:JIXFx52t7cxRqHPkLImUBWSKQ48LSXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO amount drawings pdf.exe

Files

PO amount drawings pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

jrOE.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 708KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ