40f06c637aab5f71d01f1e83e35fc68e36e1ce06[.]gz[.]tar[.]gz

General

Target

40f06c637aab5f71d01f1e83e35fc68e36e1ce06.gz.tar.gz
Size

937KB
MD5

8972d2ff35092d275e61af92d99ed13f
SHA1

d1cff55ba1362f9f5c256366fb8fdd6a051ed553
SHA256

3f964066e50b9c6a685c0fb08cf2c89da26149fcd237a5de9789212a5d962d5d
SHA512

3204699eabc448752da0924ee697a39823f8e9a24c3ad5aa9ed5bf1b71f56aa276fad37b37fed23df5ac38958dd0d9c19fe2b36a23ba5af5d5ed5609328f33bd
SSDEEP

24576:Lam4xFHF4756Ctcbz63YY3XDqJJBUiIkpzpF+agQ:vqOYCtci3YtTBUipV9

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/800399031-18.11.2024.pdf.exe

40f06c637aab5f71d01f1e83e35fc68e36e1ce06.gz.tar.gz
.zip

Password: infected_te_report
40f06c637aab5f71d01f1e83e35fc68e36e1ce06.gz
.gz

Password: infected_te_report
800399031-18.11.2024.pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected_te_report

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ