3fa9bff097e79c6f818c64c637cd26c3 | Triage

Sharing

General

Target

3fa9bff097e79c6f818c64c637cd26c3
Size

913KB
MD5

3fa9bff097e79c6f818c64c637cd26c3
SHA1

da2d78eb7c27c783bf126bdb5b3f92c22c1d69d7
SHA256

e8361e9801d3c48870b225ca701245b0b2af7d5825da21c9d023276dd8155f5a
SHA512

287631c9e46256d53656912db38d5b3e9a3bbc6eeb98ef164cbc23cb3d50313e62fb3e6e659c90a9566b4eeb8e6ca9cb3a7407c09ec656fe4ca271269c7a2453
SSDEEP

24576:55HgrbI47kgr1NYAMNyCrLKZ0uZCkD04auORBUzP:LKGbqOuR0TM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/REQUEST FOR QUOTATION FOR URGENT RESPONSE RFQ0972-276488-397837.exe

Files

3fa9bff097e79c6f818c64c637cd26c3
.eml
- http://www.thewheelgroup.com
REQUEST FOR QUOTATION FOR URGENT RESPONSE RFQ0972-276488-397837.rar
.rar
REQUEST FOR QUOTATION FOR URGENT RESPONSE RFQ0972-276488-397837.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 994KB - Virtual size: 994KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html