General

  • Target

    DHL Notification_pdf.exe

  • Size

    292KB

  • Sample

    230320-mg376aeh8y

  • MD5

    06f7894017e8f6737d228adc14480c83

  • SHA1

    fab1cbdbbb5fc2e76de2622948a02c3e8af17c18

  • SHA256

    bbfb2aacf1ff431d0ed71b54c499d3a56b6bcc90d5137cd78097b40c354c2353

  • SHA512

    a88448b4853746bb49d2640e5f23796187e6234f744ee006c687e93197f9dee86cf826259b2480879dcf00dad0b98355dd49298ece63f0bc32f1d356b3f3d8d6

  • SSDEEP

    6144:PYa6brXt83aw4ZaNEQRd0SyjNmzvw/gAn/lfVuMqs6sV3jQl:PYRrXtCJ4Zazd0SyxEvwYA/l9l6s1je

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks