предложениеpdf[.]z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

предложениеpdf.z
Size

944KB
MD5

38661778a829f4d745ef5326626c386b
SHA1

acc97895531ad1f6111df7444d32dbeaf2e75145
SHA256

ebba2d38b9c4007b4fefeca4f814e5c57df3f3bd3b5c70a332ac258fc34c19c2
SHA512

62c607aeb618e4f8268c2bf509ca9dd6e8bbded54d8e726844a1b8cb2adebee85d60ccc4b8c00f6a28ddb125f2c1f9cfd412a52f07fc07cbdaa650e3808c6ca6
SSDEEP

24576:F8tKGIADiuNoya3Txy4cVE4UDBbD5SYBYq514/ng:F5AdmyajRcVELDB7PL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/???????????.exe

Files

предложениеpdf.z
.zip
???????????.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

gHbA.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ