C0R543347T89884360[.]eml | Triage

Sharing

Copy URL Twitter E-mail

General

Target

C0R543347T89884360.eml
Size

973KB
MD5

0baefd99648ad90f3e050a8a3858595a
SHA1

4fa3a5df19d33c6538bee9b814b8813774ff6c07
SHA256

44414ca1056d2d9f6a21fa75b119c2dd2ef8b49e488d3fc7fdb1676e8f043cfb
SHA512

aa47379d2ffbf382c8f7b37446f487531a1e79ac3512176c87ad3bb8185a503b9e1ab9713e314cba0e2c8bcdf7a08644f62859b2624becd2deaa6d5999fddfb2
SSDEEP

24576:qU699xJndTEy5+dNDzl7CChmhU/nwe5HuJDU6vDcUNR5:qjrdA3nBefuHuxtrz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Bank Details-Confirmation.exe

Files

C0R543347T89884360.eml
.eml
- http://www.ewamax.com/
Bank Details-Confirmation.ARJ
.rar
Bank Details-Confirmation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt
image001(2).jpg
.jpg
image002.jpg
.jpg