23102024_1344_22102024_DB0MQH2W1 PDF[.]PDF[.]Z | Triage

Sharing

General

Target

23102024_1344_22102024_DB0MQH2W1 PDF.PDF.Z
Size

631KB
MD5

55ecbe62fc19f13dc042050297c45a1f
SHA1

199e1aef46cf563ff7d4ceef8cd1b48932df22e2
SHA256

6c8d3eeb828fd2d8331723f094d63cd8dde38b527e85093c7ec174a155737e5b
SHA512

0a437755065b4a62fe0517f4d8b0e06af3196f9558a585045f6bf2c4a8f9ef1240e093f420ddede238a3623583bf8cd7202db817188b71fa37ffb739e09e697c
SSDEEP

12288:AjCrpUCnWWXk5U3GvYHcSwpLOdGKRv93BKhtPLbvi+IEd93PYZ/u:AjCDq5oPkKYKRrKh1LTi+h9Y/u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DB0MQH2W1 PDF.exe

Files

23102024_1344_22102024_DB0MQH2W1 PDF.PDF.Z
.rar

Password: infected
DB0MQH2W1 PDF.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

gHOU.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ