kkvk.pdb
Static task
static1
General
-
Target
0.eml
-
Size
894KB
-
MD5
9a510d91e306d168ca7f3bea659da5f3
-
SHA1
8988997e6db253cbc1623745defa82d58865e58d
-
SHA256
a8922e65fd8276f0a9f0a0ebf2ce97c3ce521ebfb490d1c2db8a750b97979f7c
-
SHA512
7abb2ce8484122613579840d9ac265ca7b38167e3710a8b36d4a98bc77af5fa6cd56f60a03b39116ba66f800a3fb4883ab45347c1761619e7969f4630e472721
-
SSDEEP
12288:sbL0Cf7YnfSG25EzI0H9LE4rfsq5DMHdjY+C1T3u3VHiUrtqIGvKb2CfqPBDxk7Y:+0CQ3zBHK4rOV1C1CCjBZxk7VC
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/DHL Package Documents clearance.exe
Files
-
0.eml.eml
-
DHL Package Documents clearance.z.rar
-
DHL Package Documents clearance.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 687KB - Virtual size: 687KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
dhl bottom.jpeg.jpg
-
dhl top.png.png
-
email-html-2.txt
-
email-plain-1.txt