1-4[.]eml | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1-4.eml
Size

929KB
MD5

6348e083cdadc9627901f7f068c0caba
SHA1

3dbc441206e8a6e821b679d9aba671ea747f5153
SHA256

590b71ab192ed5619e290b55cb8e9674e0995899fa225b28d98fa611bcc60c10
SHA512

7e0528eb737ff2ed732a75cf36ea56ba390f328c9992cb3b2d098eb0c2cafc81fdfd16a0b955eface318211d7e52faf43f15782c8c1e4ca96924ed5ddcc8aca6
SSDEEP

24576:a4MMuiV4Mxw8KLj8IWy84xNN8Ca1Yhelz:xuVP81y2Calz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PO#-KHLN2024011801.XLXS.exe

Files

1-4.eml
.eml
PO#-KHLN2024011801.XLXS.rar
.rar
PO#-KHLN2024011801.XLXS.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PO-240269.html
.html
email-html-1.txt
.html