iGXz.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Dekont-2024-03-28,pdf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Dekont-2024-03-28,pdf.exe
Resource
win10v2004-20240226-en
General
-
Target
Dekont-2024-03-28,pdf.exe
-
Size
684KB
-
MD5
e886fc4734fee8c0445802549df61e16
-
SHA1
373856ccf95b0aba82a3bea3066fcc657046d78d
-
SHA256
8a54d486d4b795af1b8f7506dfa69e2e9fc298a361521af183cb9809cdc3d68b
-
SHA512
274073137bb5505a9e139b361b5a873227cf8f2e4b44834ce83dab8aaf5d87d04c0048305eda99789d62f805e9649b60adbc192355e8eefbf3a357d566b3957b
-
SSDEEP
12288:O/H30YOwqOpJWGEDC2qlHcf1LUTEYct5gWgbrWN3DrSD0ZrTBCu7VzbxTstF8:iO7MCDA2W+JgbrWFDW0ZrTT7Vt0F8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Dekont-2024-03-28,pdf.exe
Files
-
Dekont-2024-03-28,pdf.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 681KB - Virtual size: 681KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ