beeea4ec55f906a1620e7de60238c8bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

beeea4ec55f906a1620e7de60238c8bb
Size

445KB
MD5

beeea4ec55f906a1620e7de60238c8bb
SHA1

9a60bdb043ff650c7b1cfc67e69e2621f88796f5
SHA256

03ad2c0b16286d836c08e68ee6005d6eb303b4deec0e3cd9b279c445ec3b737b
SHA512

e4689f0f1cc71012f0b31dafd12db87de6aa8d90c8cce89dbdba7dd9bdd79d1f926dda68a481f09003473dbfd3615659389c9329ca22fc7a4ff0cdaec0976a4e
SSDEEP

12288:WHN1YaMS9u04Gf7TsBdhB4+AtpLnrFYSb7nMVnspoMGE:W4Yh4GfEBd7PIZGSnYseLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/paki.exe

Files

beeea4ec55f906a1620e7de60238c8bb
.eml
Order.zip
.zip
paki.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-plain-1.txt