1[.]eml | Triage

General

Target

1.eml
Size

110KB
MD5

cabfd4c0e9cda6bdd2a40e6bab588bdc
SHA1

daed2cf6494dce12111c2637c27f7b56246f9ac0
SHA256

01798553544cb6ac69490154ec1c1a4281bf6fc516502c4f26c3e3f3d762d65a
SHA512

35ee91222a6ae1ff73470b972ac7f2dd4cc4596c499babab37a0c2c92097e22236d50f77938d4e57c08838411acc295c544fbd45edf8f4d9a509df77bc5969ae
SSDEEP

3072:hxknpyqtWenXTfadZmYFolCtcq0DIgQZhxdSqf:EpyqtWenXWdLiIGRFQfxky

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/QUOTATION_JUNQTRA031244�PDF.scr

Files

1.eml
.eml
- https://in.linkedin.com/company/su-nav-group
- https://twitter.com/SuNav_Group
- https://www.facebook.com/SuNav01/?hc_ref=ARQoMCWPeSu9KuY1UW5IsvPL4ToLBpN2n_BHqejgwObtHpIpg92is78KasSUuoyMWxM&fref=nf&__xts__%5B0%5D=68.ARAeKHV7XTsyM5sxHMZQh11bvs2ef3R9_qkSNkIMZ_sAPDQ71Xyu0dO2zu70CmMzIGaxH_kgwNeCiIpafK6APrrpX5ZIA1-LAP4TbNUWiVe8B8q0JmQMe_N7F_OJfXmHOlGJcsqhSOD3H9lw6r0pTVoXBUiWpKSzKK9msQ1yynkHzwSjit5AGKcbzh3ETPcZuJC5FNgu6ZZGujygaplPspfxKl2Qe751a0Qryz5l0yWPd2cQd3Am1cxgpx8mKZOyldUy0Hc8ZmYq0ArY1p7AfXvSDjdA59tpfDPzp1Fn-ZhX0YnZqfBd4qoEGkEfR9dVtDSvP5jYDgGSKmMW4SA&__xts__ %5B1%5D=68.ARAthcrGgnWSPXIaUqAuTv-ZE1ijUxXpFVWu8F2WFc5tRuIZ6xVf-4v3cm5ejbVHSNCgRNRrQXrflZh6W-wespDGTC2GIAdQy64HcA_l_f9UmSl48P6aVRcBPLhTiwbYbikSZ0oohZLIah4I50hGvNuPYi0FVbIhkjOOVY_RR042Tf_ksly9kaNdkNNqqY0UVQwUOM6LNe_0QP4WuKDU_re7doTuyl1QMTIE8Q3CvufFBtQaPZ9wMiszPgQhbxxs5EuKnZccy5BD3vJzojBOqtXOGHKpWxa4VNuORNIu0DK06NUcV3clogWwm91EItu0RbKpIYVOJhVoZYKX7uE&__tn__=kC-R
- https://www.su-nav.co/
MV SONYA BLADE.z
.lzh
QUOTATION_JUNQTRA031244�PDF.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 72KB - Virtual size: 71KB

.rsrc Size: 327KB - Virtual size: 327KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 327KB - Virtual size: 327KB

.reloc
Size: 512B - Virtual size: 12B