DHL Receipt_pdf[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DHL Receipt_pdf.rar
Size

422KB
MD5

b9afb2f4be06e66d53ff4547aa132134
SHA1

3edfbe8ad59953a958a4657206791b651d1b894b
SHA256

e5d0cc163a7c1e14b68cc568e20198961b924e11dbaf1337a88ea521990de5da
SHA512

91390cbcf53294ab7830abdb15c62737cb20a0a5ac2872c4157851b12bc67ecd13b49f894b950dd81ad50e82cbbeb74369420fcf93a81cfe67cfaeccfe0df9b5
SSDEEP

12288:cDvFMpphZ+3wVGOwvnjL95vm1KuS3SIHd:cDvFMpphZZYO+LHvmI3V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/REqAO25caeLL49E.exe

Files

DHL Receipt_pdf.rar
.rar
REqAO25caeLL49E.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ