mail[.]eml | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mail.eml
Size

781KB
MD5

8719ef39f1225b7ebc9d6840c5828d46
SHA1

94c321a262c76dad08163d35997ee1830c69719c
SHA256

78f69a63674a49863de0ab29eae32c20d4e8a92f8c242462f8c11b3216f5097f
SHA512

c993d2ce308d1fffb317ee430429c194ad40d742b033ed54ae3edfe2b74e9c4bab89cbde92ef11d909869281697e0a4c35f3fa9ad15de6d4b5cbd21f986e116f
SSDEEP

12288:I6VALOaLoFP6WOkeeXQqRxzvygJsBpq/EHIPCVze:IwALOaLoFPZ9gQ/EHza

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/SWIFT COPY_MT103.scr

Files

mail.eml
.eml
PaymentAdvice_PDF.img
.iso
SWIFT COPY_MT103.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html