Dhl express Ref-6853148094[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Dhl express Ref-6853148094.exe
Size

609KB
MD5

10770c66fe83072328fe640528da1f3f
SHA1

03bec9901e38c2840112516ea8d60e345094b2ba
SHA256

19d5668c176fd17ee00ab03bc0e122a54baee90f6c00ddefc40faa6ee762b9b1
SHA512

002c006ce7413d2b6a6a8128f956df44ab0aaa161d579f27a50d026240e019e845a84282463cb7b51c990ffc65cf80a7d6ed93e3d3b03a50e940415dc3621c0b
SSDEEP

12288:Ss0vkcVL2FND883gtBWPQinT6jwyS+9spv6T:Ss08aL27o8N3na9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Dhl express Ref-6853148094.exe

Files

Dhl express Ref-6853148094.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 607KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ