DHL express Ref 6853148094[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DHL express Ref 6853148094.exe
Size

698KB
MD5

de51940d1c9f9c34b2c5612938fc6a9b
SHA1

bb0b49f8322d5667b0d0c172e32915f16da777a2
SHA256

353e4ce2d80b1574912e9bd1a89a204008e327038126a08e812c999aaebaf386
SHA512

bddaee4287dcdd9cbfa88631d4316d13cd2fe1043d0df392c8a27e00cc61836e3b773e3c63129a3b2e3780901af92fd4009b6d7326df926418cff0055be3918a
SSDEEP

12288:QreHdggT6CLd+SZpaUueWVjPLsPbra5YwaKIIxHZjax3ZmjEg8TgInXzDR19:QreHdgINUwaUuFV8PFwa1P34x8McXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DHL express Ref 6853148094.exe

Files

DHL express Ref 6853148094.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 695KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ