FOUR RIGOLETTO PARTICULARS_PDF[.]lzh | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FOUR RIGOLETTO PARTICULARS_PDF.lzh
Size

643KB
MD5

5d7033019ff407f5054a5f63875f20f2
SHA1

5a7831bfcaffaf97a57a4b491258226b862d0158
SHA256

0f4deb6ac26a4b98e1d5e3e137710f8e4d285673ca87de5a37cf58e7180c4688
SHA512

f341e9c02274c57d8007e6f133e71f23cddf8e6d029429ea0680708beaddcf5f94a4398fa8460ad25c27515e3b5a357187d44ab04089a14fb4794e1e6e9e393b
SSDEEP

12288:ThWJK7vdi8SGwp1XfdAycKCFMLFbOiSax36C7+4HgL4B3keMYBogt8+xQc:FzILGhyLCFMLl6C7ukBUeMs/t8Tc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FOUR RIGOLETTO PARTICULARS_PDF.scr

Files

FOUR RIGOLETTO PARTICULARS_PDF.lzh
.lzh
FOUR RIGOLETTO PARTICULARS_PDF.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

uKAa.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 698KB - Virtual size: 698KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ