DHL 송장[.]pdf[.]exe | Triage

Sharing

General

Target

DHL 송장.pdf.exe
Size

762KB
MD5

0f49bb0c2a604fa78ec0bd36b0a7f364
SHA1

5753b5b6e57c521670d901f441f8e2c65292542e
SHA256

060ad64d6e63aedbc2250c784d91852e3c2e113aca058565c8988d1930220a83
SHA512

0e4e689afdd64e160293ad7d3e26871e20bb53b65e5c3276ba52b325ea9e616019bfda1e0c9fa6342beeb4fe6896ff4b44be4ca8a2c26acc7ca7b0bb2fc95180
SSDEEP

12288:M3qyJMrv295xzbgiPZ1xRllixBcyFDBdH7X+yz3dP7r9r/+ppppppppppppppppF:M6OmvzAUDBt7XvLd1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DHL 송장.pdf.exe

Files

DHL 송장.pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 546KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ