03072024_1653_FGDS09765678000[.]doc[.]tar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03072024_1653_FGDS09765678000.doc.tar
Size

916KB
MD5

4edabd4cc267f382e702c695a9df32a5
SHA1

ac853effcf722ba06c5a9e289aa025de8dc8d4d1
SHA256

1571862ccf8217bcde971d6a3cf5ca9786edcac7a4de30d53085159e467de4cd
SHA512

7e882ce5942632c94186a20a7a4a2d7c9118d0faef3aeb7afddb673d3ddc2c27a614033f1e967920f43217890ffabff6c0dafed1fc864b26bc5534ff372cdf13
SSDEEP

24576:fSdDqBTeW0KSQgVcs5r056ZQC/uNc8rJMMhrca:gq1eW0KZ4JCoZx2coSOca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FGDS09765678000.exe

Files

03072024_1653_FGDS09765678000.doc.tar
.zip

Password: infected
FGDS09765678000.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdmV.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ