Static task
static1
Behavioral task
behavioral1
Sample
DHL KULI500796821__SCAN DOCUMENT.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
DHL KULI500796821__SCAN DOCUMENT.exe
Resource
win10v2004-20230831-en
General
-
Target
DHL KULI500796821__SCAN DOCUMENT.img
-
Size
41KB
-
MD5
d85445b386aa8391cc1983048d25fb3c
-
SHA1
a82ec4de9b2a5d0944d8ee2a3774fbf91231ffdd
-
SHA256
2627a94c8fe784b606036d3425bc56bd6ef40005011436984babff02b5512b0c
-
SHA512
f548e4a979b0d21a025d8e1fe119a9ce9c1d7200dafd3bd0315904426ed0d8aac7848d2b93d45ed6df380b2a53219946c876eb3ff9008c7fad8d8c61584d46c5
-
SSDEEP
768:NE6K27hjFCZEpPfFt7g116ouF+J8syQcdQqyJ8yLhMcrucz:NzKyhjEZEumoy4cdOJrTaM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/DHL KULI500796821__SCAN DOCUMENT.exe
Files
-
DHL KULI500796821__SCAN DOCUMENT.img.zip
Password: S@ndb0x!2023@@
-
Device/HarddiskVolume3/Users/mnoushad/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/MHR1F6Y2/DHL KULI500796821__SCAN DOCUMENT.img.iso
Password: S@ndb0x!2023@@
-
DHL KULI500796821__SCAN DOCUMENT.exe.exe windows x86
Password: S@ndb0x!2023@@
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 403KB - Virtual size: 403KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
manifest.json