32b4f238-3516-b261-c3ae-0c570d22ee18[.]eml | Triage

Sharing

General

Target

32b4f238-3516-b261-c3ae-0c570d22ee18.eml
Size

688KB
MD5

60d00c17d3ea15910893eef868de7a65
SHA1

1d17dd1688a903cbe423d8de58f8a7ab7ece1ea5
SHA256

d13a7eaaf07c924159ea7bb8f297dab1d8da0f9af46e82e24052d6a9bf5e4087
SHA512

c589a12dbbd2598eeb74564ae11142a2d1a17beb6fafcdb8211ff72d33dbe58ae7d17d03e5521819cd788a0c3158fe60738e15ef4a6285c1221d32f979c13813
SSDEEP

12288:vZ1Tzm0D2acQLqgVIjejueFyhaCV2JKKS7hoxSSqkljhEi9lV7j:z7K8FuuzCV2JKkxPOQ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/pago 4094.exe

Files

32b4f238-3516-b261-c3ae-0c570d22ee18.eml
.eml
- http://facebook.com/
email-html-2.txt
.html
email-plain-1.txt
image006.jpg
.jpg
pago 4094.r09
.rar
pago 4094.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mKkHQ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 521KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ