998549ad400c1bbe4894b08f51699b5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

998549ad400c1bbe4894b08f51699b5b
Size

668KB
MD5

998549ad400c1bbe4894b08f51699b5b
SHA1

5efac182da2b18b2e333d3f8b76f3178d2e0d4f3
SHA256

8a8b0c719b7ce31423dc795a058becd8519ff34cae717e316ca7f2558445e57c
SHA512

023e6ceac09991b45e8a3ddff814dcce755e5b2e4ce6033667f6408dea306c68f9289f1d8ad7df417d1c60f1fef6065e336c819672bb06d7d315058ecf2364e9
SSDEEP

12288:yzQl5Eu50iuvmCm57kLIP9P/Iv9HqFcGpt6jWUHnWtagZmRGT0/rskifuaUN:7lRaO5v9PA1KiGpwDWQRGT0/YkiHQ

Score

1^/10

Malware Config

Signatures

N/A. 1 IoCs

N/A.

resource	yara_rule
sample	dropper_html

Files

998549ad400c1bbe4894b08f51699b5b
.eml
- http://www.tnt.com/
Consignment Document.pdf.tar
.rar
Consignment Document.img
.iso
Consignment Document.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 570KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html