Arrival Notice_CIA_AWB_INV_Form_pdf[.]IMG | Triage

Sharing

General

Target

Arrival Notice_CIA_AWB_INV_Form_pdf.IMG
Size

562KB
MD5

0f3c6f0d2eccbcdc76e847ea0f62f15e
SHA1

4baf2036c231dc9a0fba13e6d7d551b27b5b4194
SHA256

49a656f7ee544b5f21726a0f0f5469bd7a15aaa4615b53c4b0dac92b4aea308b
SHA512

a3efe41ce4ae7bd4689fe41c6e1cdb41f8cb4227eae4695a961c00d3305562d59e5bc25f4221c230052a478a505ed6118f95bb09468ffc3dd282be3e849aa1f5
SSDEEP

6144:2Z6ySmRH93qXyS8KevIl/8/vpwO4XMGdKf4xU0PrH7KjnvQWTk85KqZIMHYJqE4E:ZySuRbpGv64vPrHmnkb+NHYqXZ4fa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Ref227395588_pdf.scr

Files

Arrival Notice_CIA_AWB_INV_Form_pdf.IMG
.iso
out.iso
.iso
Ref227395588_pdf.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ