xaHV.pdb
Static task
static1
Behavioral task
behavioral1
Sample
z38PO_20248099-1_pdf.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
z38PO_20248099-1_pdf.exe
Resource
win10v2004-20240802-en
General
-
Target
z38PO_20248099-1_pdf.exe
-
Size
669KB
-
MD5
5d5b5ecc06b9058d0ec3199ed8617cfe
-
SHA1
cbb1a95878e8a7a4ac09270a6dc7699c78996e28
-
SHA256
0a58b574ccfb2898c4ee47a8dab29174c2193731573d4578b7b5ff83ad1196d6
-
SHA512
9044d553f7ce2e00fb15bd718065c6ba1e94162b74dfde65a69ee472712866b287ccd26b52777d744edc34b2c2fa465645cb99f3b45da1e544f122acb372ca37
-
SSDEEP
12288:3dPwqNxtOB37QmJauif0txmkuhIak+eBn7Hxz0Kt0rAt7HclhUhlru4TscPm:6OW37QVf0PRu9Qndz0hAtTclhUhldsc+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource z38PO_20248099-1_pdf.exe
Files
-
z38PO_20248099-1_pdf.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 666KB - Virtual size: 666KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ