RE[.] SOA attached Eml[.][.]7z[.]001 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RE. SOA attached Eml..7z.001
Size

684KB
MD5

2bb2ba1141328725f32357820c9078c8
SHA1

c8a26dd775807da0bad3d7722c0eeebdf6a8fe7a
SHA256

1fcb1225ae8b8ad7712c3c7870f30b7a47a113a055b12387f3598ba27b7f6f24
SHA512

322dcfc652b48de55f2f325b9d5e0017e604d94227dbe38a05084476ba17e7d82710c28ff09890a913a72967259b1120d0a063926e415ee0cd91467e714fd80e
SSDEEP

12288:AYYYYCdnSIEuGna8ctneoep+BigArSzxBUulRaKpUVzlAjetFTnkd6LIEWWBygob:vSfu3ZJ2o3sSzTRaa0lZFodGggxXfDHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RE. SOA attached Eml.exe

Files

RE. SOA attached Eml..7z.001
.7z
RE. SOA attached Eml.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ