dekont (37KB)[.]pdf[.]exe | Triage

Sharing

General

Target

dekont (37KB).pdf.exe
Size

892KB
MD5

57134916752790943db9c4d3c0488e92
SHA1

7cde5ad5b7b11716534bf07e6a54178d841b4c49
SHA256

16a43aa836bfc334a9c67a4a6cbd25aa461b9332b7dbc5271afd75119c2a3521
SHA512

5f2be54e45aa06de736ee66c0552fd6e222038c5aa949188f96b03a18808f06221adf1bbdf68d94f76b76eecbdaad4e1a4fdb3434a029a476469c5e3a7063e8c
SSDEEP

24576:PznY32CV1u6juwCfDG8wA/8I1AGKBXVfW:TCnu6ufDGRWVXeVfW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dekont (37KB).pdf.exe

Files

dekont (37KB).pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

WUCf.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 889KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ