C0R98180T99809668[.]eml | Triage

Resubmissions

08/08/2024, 09:58

240808-lzg7zasbqn 10

07/08/2024, 11:47

240807-nx26ga1gqa 9

Sharing

Copy URL Twitter E-mail

General

Target

C0R98180T99809668.eml
Size

153KB
MD5

4dd43cd28cf4f2be9901f499fdfbc187
SHA1

920208a90ae33b009687886609f00085be4f5ca1
SHA256

490c6a7ecbe059cdf50cd5a218cb15f841e8064f529cbedd33592db4386efd89
SHA512

3c4e74067412261732f6f5bb72cc14ce6ce2e86b0f3dadd3ae594dc2e6e32a84c3af6797fbf33113a8db5ac10097dd28865243302e39555e45aee35f44f5c5ec
SSDEEP

3072:xeusf2cv/hor9Bgt9u2a5ol9nY+42m52GbVF97H6k2/P:Ri2cv/h0Bgt95vHnYlAGbVkP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/FedEx AWB 000263577955.exe

Files

C0R98180T99809668.eml
.eml
- https://www.fedex.com/content/dam/fedex/
FedEx AWB 000263577955.zip
.zip
FedEx AWB 000263577955.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
__MACOSX/._FedEx AWB 000263577955.exe
FedEx.jpg
.jpg
email-html-2.txt
.html
email-plain-1.txt