08112024_0727_pagamento[.]UniCredit[.]Bank[.]pdf[.]iso | Triage

Sharing

General

Target

08112024_0727_pagamento.UniCredit.Bank.pdf.iso
Size

134KB
MD5

efc40d204119fc723141413fb62a9cd9
SHA1

e5d5c174e357861d1534913dea2e828608f275c7
SHA256

e7f5beb609ab1fb2322e363c034167506c25e7223e6e2fe689f65b009e64faf8
SHA512

319cd24f17ed64da90446d435df2902a7c49510051fd061e6e49615e1ee6a0b49cde0cbe384f324e1a3a8ae77a9ba28bbad4308047d78ff72c39179307fb4e06
SSDEEP

1536:wUEPkjbifJKyiKTdZ6d464hlC1VKG06E53qWSuns:EPAufJKyFJ4d464hlC1AG06E53qTus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/pagamento.UniCredit.Bank.pdf.exe

Files

08112024_0727_pagamento.UniCredit.Bank.pdf.iso
.iso

Password: infected
out.iso
.iso

Password: infected
pagamento.UniCredit.Bank.pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ