email[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

email.zip
Size

29KB
MD5

325a37c50c3c06ffd72dceb977400c4d
SHA1

48b29d1830318e4de00af763e9a4a859ecdae6b7
SHA256

a6d0ade40843a1f2fd1b7ca608578a7d9c9fa9be1a4bbb852608dc09b3788bd0
SHA512

497fa5ff8300cc83ab4bbf2740d19e738579035d62883043a8ceb48fe4d98ecff55ed16a100cded1f0d49bc83f1d1c7d1d599a6c592cbb1cb266804ca4b2a594
SSDEEP

768:lWkliAnUQYkYKzqbjC5RqHjrYReyZx+l0oKriCPRDLx:UySsz6jGeyZx+l0TR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/document.txt .exe

Files

email.zip
.zip
document.txt .exe
.exe windows:4 windows x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

��t
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ta
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��a
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE