07082024_1355_07082024_scanned0000000056789007689-xero-pdf[.]zip

General

Target

07082024_1355_07082024_scanned0000000056789007689-xero-pdf.zip
Size

852KB
MD5

a64427c22fbaebadce32de2060000e67
SHA1

546ec27a0a2ea30823e861e0e528a73f8ea33ee2
SHA256

962c756f58d5e9483ae1c289b94734e6fdc1fd03add8e9ce6ad08e28339bafe8
SHA512

dfb32e3a1b96beb011c5ac230b37a5f29ea60aa01ea3ecda7cec3c741b07f006008d987cfa96d32ac0930cab08d3daec7f1aaa6fe0d8804a5e1503d1c7179548
SSDEEP

24576:49XAyx/dm58IxnXj2Qb1xz8TVF0TnDBGRbJauud6:AXG8IxnSQbv8Tk7D0A6

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/scanned0000000056789007689-xero-pdf.exe

07082024_1355_07082024_scanned0000000056789007689-xero-pdf.zip
.zip

Password: infected
scanned0000000056789007689-xero-pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

/home/pxnst/users/6/Stub/obj/Release/V1rtu4lC0d3M4g3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 859KB - Virtual size: 858KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ