70bc64f3d04300d8a41114c1676cca08abdd2d69ecf37e05ae38a8461f8bf5cc | Triage

Submit
Reports

Overview

overview

7

Static

static

1

DHL Shipme...nt.exe

windows7-x64

7

DHL Shipme...nt.exe

windows10-2004-x64

7

Sharing

General

Target

DHL Shipment Document.exe
Size

2.0MB
Sample

230329-xj87ashe39
MD5

852ecbb34661097c525cc541fcc8f093
SHA1

1bad774af30e8ebd3acbfd16d02446529a9018f9
SHA256

70bc64f3d04300d8a41114c1676cca08abdd2d69ecf37e05ae38a8461f8bf5cc
SHA512

90a043575f91285e89dc5782138664513d53141e373a8dd779c7116cbee5613b609eb6b02aacde4979e553518156fdd5c9408239ee22c527a395b5508b1412f4
SSDEEP

24576:p1v1MN0slyRnfYSIZozmwF2ny/v/LtGZsYjot02EgwT83Zm+cobMvvyThQcYAwv1:p1v1MN0slyz/s59jmkS

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

DHL Shipment Document.exe

Resource

win7-20230220-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

DHL Shipment Document.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  DHL Shipment Document.exe
- Size
  
  2.0MB
- MD5
  
  852ecbb34661097c525cc541fcc8f093
- SHA1
  
  1bad774af30e8ebd3acbfd16d02446529a9018f9
- SHA256
  
  70bc64f3d04300d8a41114c1676cca08abdd2d69ecf37e05ae38a8461f8bf5cc
- SHA512
  
  90a043575f91285e89dc5782138664513d53141e373a8dd779c7116cbee5613b609eb6b02aacde4979e553518156fdd5c9408239ee22c527a395b5508b1412f4
- SSDEEP
  
  24576:p1v1MN0slyRnfYSIZozmwF2ny/v/LtGZsYjot02EgwT83Zm+cobMvvyThQcYAwv1:p1v1MN0slyz/s59jmkS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy