DHL AWB - COMMERCIAL INVOICE & BILL OF LADING[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DHL AWB - COMMERCIAL INVOICE & BILL OF LADING.exe
Size

368KB
MD5

34234f0b0694b96413bf1122c64860fd
SHA1

0cfdbe2b81d71e85591a52371d9156f9f6624334
SHA256

cb8a384c8ebac333e31a6fcd7ac32bab3074462b6980fe42e4b96068956f5bcf
SHA512

c82c23412ef4b4ccea6f2dc1322a7cc8e0947676277d76067983f0d1a500e6f4f2dad2dd4ac265bdd42709b741f97b121424fa28298d68b18b9369275b941af3
SSDEEP

3072:CgGe1STHpdYwUX4DWS539vSJgsu81Qu3pLEL7455+qVs6UXh5s1UkKd1SAsubx:Co8HDUXo4/3p4L74iaKXhmyUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DHL AWB - COMMERCIAL INVOICE & BILL OF LADING.exe

Files

DHL AWB - COMMERCIAL INVOICE & BILL OF LADING.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\stockdemon-main\Stockdemon\obj\Debug\Stockdemon.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ