Great Wall Motor Sale Bank_Sift_Copy[.]Pdf[.]7z | Triage

Sharing

General

Target

Great Wall Motor Sale Bank_Sift_Copy.Pdf.7z
Size

561KB
MD5

19de96f412a3f3498b8bba389399f812
SHA1

d9d8c7f5f30c98bd4bd56745b0666e12661dad5c
SHA256

3f3d26e4222fe2207b6588eb3672db62c595f20d0e81a18acdb85afb5a30dbfa
SHA512

b628a9b2781f51ad9647476e0be27fb357ca5b9174296316689134eb4e2d3336399d7352f365f048778170332638dd02df640f035dd91dbe1cada6c9b852e3de
SSDEEP

12288:K/4gxlPOP24AQoPK4ADZlxF3dTduhDJ//StF43kSUNaX2tNiKTLX0Dc+L:K/BxlPOe4ZZ7F3dTURJ//EOVUNQWXQcY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Great Wall Motor Sale Bank_Sift_Copy.Pdf.exe

Files

Great Wall Motor Sale Bank_Sift_Copy.Pdf.7z
.7z
Great Wall Motor Sale Bank_Sift_Copy.Pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 997KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ