mv Yaropolk - Main Vessel Details[.]PDF[.]lzh | Triage

Sharing

General

Target

mv Yaropolk - Main Vessel Details.PDF.lzh
Size

648KB
MD5

c0ad0d148e54688fb5861a204bc427fa
SHA1

f96c504fc557837bc27758954be5b6b477156320
SHA256

7f973aa03e8fa7f0b0f3682483a3b12148a1dd78fc7c10ed319d65f1d6c82c04
SHA512

ec8a2eb2d26db7a363ce8d31f09a88a051e0524aa383c4aadd461f66ac5112c44e0805ec947e75a2d05858b880b5e41eda448e649a50ce58aedf13ea081d2f81
SSDEEP

12288:ySlD/CCB0BOO+rGbedHJnIyRw4+SHUpiQyXimYS/BjLXe:ySxNdO+raenIyu4dU0QEimZBjje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/mv Yaropolk - Main Vessel Details.PDF.scr

Files

mv Yaropolk - Main Vessel Details.PDF.lzh
.lzh
mv Yaropolk - Main Vessel Details.PDF.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ