InquiryPDAS[.]S[.]PacificEnlightenpdf[.]rar | Triage

Sharing

General

Target

InquiryPDAS.S.PacificEnlightenpdf.rar
Size

613KB
MD5

77ad2738c37f90b2a37da81ffd3d9abc
SHA1

92ee6e52705720e7af6fed86151094f57053093b
SHA256

61f957ff6a87a313cadadcb7bb58cd39988c8c8a171fad1c7a25db51db8ee33d
SHA512

761adc4ce906eac928b46311d206c3db4bb2007fef9e5a4d3d4f1ce25b161b7a0dfdc2c71f3ee132caea4def56251d27222e2b0deccbcfa4719e25e758623945
SSDEEP

12288:fRtEKIcGO+NknppLfdeVgljW5IEMPh09ZQltEocicGfIm3/:HEK0knzrLlBEYhBltlt9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Inquiry PDA (S.S. Pacific Enlighten)_pdf.exe

Files

InquiryPDAS.S.PacificEnlightenpdf.rar
.rar
Inquiry PDA (S.S. Pacific Enlighten)_pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

OsOF.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 656KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ