C0R562212T196210481[.]eml

Sharing

Copy URL

Twitter E-mail

General

Target

C0R562212T196210481.eml
Size

982KB
MD5

7f4177e2f181b8733796bbbd83196d8a
SHA1

c86f62fe71a5c56cfa62e1b0126503fb0ba314b6
SHA256

4c88a0dc99ebcdbad26ad0043fdca24287526f4bb2fe01c6abf6a0bf527606fc
SHA512

9813c12a0256cde3c352668571988716564c11077684c28a5ca017eb6e49bc63cb30ccfa3ebdbc3fef8eb4cde94e6366f9590f2b6b35d8025a86d197aa8ee135
SSDEEP

24576:28mQhzoRLvj4WWJG5JQAIbr9i5Ohv7egO2iAth:NEIW7hW7gEh

Score

1^/10

Malware Config

Signatures

Files

C0R562212T196210481.eml
.eml
- http://www.xinzhongautoparts.com/
Payment_ref_1_8001955769.png
.png
Paymet.Gz
.rar
Paymet.exe
.exe windows:4 windows x64 arch:x64

Code Sign

9f:d5:4d:5b:31:07:83:f3:b6:bc:a7:1a:2f:7b:e9:07
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,OU=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-09-2024 06:55

Not After

15-09-2025 06:55

Subject

CN=Microsoft Code Signing PCA 2011,OU=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15-01-2024 00:00

Not After

14-04-2035 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22-03-2021 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:e7:11:a3:c0:cc:90:8a:05:a0:4e:57:67:41:41:4d:c0:4b:5e:12:ee:09:6b:eb:f4:d2:9f:38:9a:46:bd:7b
Signer

Actual PE Digest

7b:e7:11:a3:c0:cc:90:8a:05:a0:4e:57:67:41:41:4d:c0:4b:5e:12:ee:09:6b:eb:f4:d2:9f:38:9a:46:bd:7b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt

Sharing

General

Malware Config

Signatures

Files

Code Sign

9f:d5:4d:5b:31:07:83:f3:b6:bc:a7:1a:2f:7b:e9:07Certificate

Extended Key Usages

Key Usages

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

7b:e7:11:a3:c0:cc:90:8a:05:a0:4e:57:67:41:41:4d:c0:4b:5e:12:ee:09:6b:eb:f4:d2:9f:38:9a:46:bd:7bSigner

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 14KB - Virtual size: 14KB

.rsrc Size: 68KB - Virtual size: 67KB

9f:d5:4d:5b:31:07:83:f3:b6:bc:a7:1a:2f:7b:e9:07
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

7b:e7:11:a3:c0:cc:90:8a:05:a0:4e:57:67:41:41:4d:c0:4b:5e:12:ee:09:6b:eb:f4:d2:9f:38:9a:46:bd:7b
Signer

.text
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 68KB - Virtual size: 67KB