DHL-AWB[.]cab | Triage

Sharing

General

Target

DHL-AWB.cab
Size

604KB
MD5

05886954b4741af1f1fb1daa625922de
SHA1

1b159fbbb46b796af684b9aa012abac5efbfa64d
SHA256

03eec5b1ca620d3be7d0b804f27dc8bc4f70c58b8e9965869a9f4d0815186a82
SHA512

f74351694fbb0594237a51030946c43286ad54c62861a220da1086ba2377013cb1a2e08773aab53218d280ce8497a4a456bc1e26c3f7012b96d04ef633eafd9a
SSDEEP

12288:u+kmL2MchXV0Ny2HOmGjcSVNb1oyw5kAUyHDqzJBeTA1kctQzW:u+pFwV0BOvB1oywmANjqzJz1kctb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DHL-AWB.exe

Files

DHL-AWB.cab
.cab
DHL-AWB.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ