8c6ed343e0a04a556a2ba9988f5c198a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c6ed343e0a04a556a2ba9988f5c198a
Size

576KB
MD5

8c6ed343e0a04a556a2ba9988f5c198a
SHA1

551340133de25b6eb9b5aaa86f3426560522f92c
SHA256

cb6d7cdea3dbb9f9823741599b9b6fb80f5cd7bdac022ec229c51e4f708f97a8
SHA512

d2a73cddacc659b10b7db9385bb62d99aa44567e911679af54ebe0130ffc5036129de6ea258fe989ad439f2f3efde2d684243cd0a8679d4b8408a2154861bcc6
SSDEEP

12288:WrgOnQ3ODzfIIIRb4nFTYxXkfjX7cJ3Pq0HGaf/ZMOcJMlkB:mghCI4jX7qVB2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RGZ.doc

Files

8c6ed343e0a04a556a2ba9988f5c198a
.eml
RGZ.doc
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.COD
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
email-plain-1.txt