Static task
static1
Behavioral task
behavioral1
Sample
DHL_INFO.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
DHL_INFO.exe
Resource
win10v2004-20231023-en
General
-
Target
DHL_INFO.GZ
-
Size
672KB
-
MD5
2b5de32d0cc0ed3e3bf04b6fa0614234
-
SHA1
9aeb0503681e070f51dfdf330bb43c360f9939ac
-
SHA256
44d9cfd20aecce36b5ceed64bfdf0ac84aad28b27985ec5e2aa498605613effc
-
SHA512
b7bd4b357bbd5d4851224c170b2db9d9f55776e79fbfa7ceba667d169030c38a4e4eb75500472b05f24b57d5e24bef1c10ea02bcbafc9c58c9766e85d4d28593
-
SSDEEP
12288:BpvHx3dnpDtQLUKROLgc3jAdxQPaQjtzz//rC+Z3/L02Cuu/jQpEJKLWkOnIdMoN:zvHx3hpDtQLUTLsUJjJ//O+Zj+7kOnIB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/DHL_INFO.exe
Files
-
DHL_INFO.GZ.rar
-
DHL_INFO.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 630KB - Virtual size: 630KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ