13082024_1658_13082024_Proformapdf[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13082024_1658_13082024_Proformapdf.gz
Size

896KB
MD5

a945d0599011f097eef459db89b2297a
SHA1

0f58c2365fae6356d39e8c3d2a4603da757a8e91
SHA256

537aface17aa6df726d93385184f5f4d1803cf3746790c3d80ff1feac8df052e
SHA512

c98a73642ec144500ad379dbc1506c06f1df58a169fe3c49b1da5123697623f451a1b4978d4d9301c331eb1b778766b31082a90542accefb7910a048fc171857
SSDEEP

24576:hh8L6f/WSmeLXvggQF6KgoM7afnhM0g2PMk5tRl6ncW6EK:hh06f/WOLXvgt6Kg77a5M0g2P16ncW6z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Etkt9oJ08ZyhAlm.exe

Files

13082024_1658_13082024_Proformapdf.gz
.rar

Password: infected
Etkt9oJ08ZyhAlm.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

cocS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 907KB - Virtual size: 907KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ