Avansa rēķins Nr[.] 428165 -06-05-2024_PDF[.]cab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Avansa rēķins Nr. 428165 -06-05-2024_PDF.cab
Size

27KB
MD5

ce80f86edaf47db1c062920ea43f59b0
SHA1

7b9c1a05e945f35c687fee5128081c74f0c1658c
SHA256

32e294832e638fb13eaaa7fbc3240ba1f4e7e02980c398b412a89ed33394275e
SHA512

0dc7e0df2d5a51a8129a968ba8f2d433ff53df2d918f19e211ea6c65044f57f059b6f22be2e10731eba3bedde284228e8f027c87c901e5f37602d2c579a5ca04
SSDEEP

768:m0qcqWCCzstM6vRTCUIOmXALUcs/yMQIP38yeg5n:m0q5WCVtMSCycvD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Avansa rēķins Nr. 428165 -06-05-2024_PDF.exe

Files

Avansa rēķins Nr. 428165 -06-05-2024_PDF.cab
.rar
Avansa rēķins Nr. 428165 -06-05-2024_PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\Italk\obj\Debug\Zrlin.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ