8f9c045affa12de8d4d40fcfea0f44e9b7fc5135a193767572104e64fc7ff2cf[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f9c045affa12de8d4d40fcfea0f44e9b7fc5135a193767572104e64fc7ff2cf.rar
Size

624KB
MD5

e4c95ed8e855565f863169b805737b9e
SHA1

c63f1fb0405f4c358fff12788dc4f2436ae26466
SHA256

8f9c045affa12de8d4d40fcfea0f44e9b7fc5135a193767572104e64fc7ff2cf
SHA512

79aebc267fc95739629f5b4227fe8565761449faba7d1e0e75acaa4330d4b6d89529af2fbbe86f913ed1bc0aa130f4ed20f36c063e05a57b60fe8173a2776f0c
SSDEEP

12288:vONSS2iIQrZOMS5+gfmiJAxn2Q2cO9L8vPERqxPfpF:vONS+5ZOMSs2c299L8vPEgPfpF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HKIK8888 PDF.exe

Files

8f9c045affa12de8d4d40fcfea0f44e9b7fc5135a193767572104e64fc7ff2cf.rar
.rar
HKIK8888 PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ