YU HENG STAR[.]PDF[.]lzh | Triage

Sharing

Copy URL Twitter E-mail

General

Target

YU HENG STAR.PDF.lzh
Size

615KB
MD5

01e22fe838dd78b08240e724cd80199c
SHA1

4dd4a551b04bfa64d2482a134ff3ef5b5bba547b
SHA256

7363b8e62c1b72eaa17fd0a40ad415df67a97352b3bd65a8b25d2a14bf8b0bc4
SHA512

00053122375a3c4aed668b21926ad7ff44ae3be07126d0e45fef17b29a5d9438a6c2e120c4deef4070d614e91bd20ea9007067e521d50194c63817497e5fe542
SSDEEP

12288:3UB491I7V3vckc2+Nr/LoGG6nQu81DMVvEZzK8+lrEGRC5rHwdl/3OUgy+9Wq:3U4uvckc2YTLoGHODwvpZnC5Mdl/gyaT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/YU HENG STAR.PDF.scr

Files

YU HENG STAR.PDF.lzh
.lzh
YU HENG STAR.PDF.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rFUI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ