Static task
static1
Behavioral task
behavioral1
Sample
DHL_TOC2_2407081728458457.pdf.exe
Resource
win7-20240705-en
General
-
Target
16072024_1558_16072024_DHL_TOC2_2407081728458457.pdf.z
-
Size
584KB
-
MD5
6744a57ff25d8b5fed01a11419a1fce7
-
SHA1
d1a1bc66e54258e7511b93f5867cdcba9738f06e
-
SHA256
d523a99946a5f24428ac503052d199a166d5c422e915f03a2c602a8ec61bd2b6
-
SHA512
de9315d2781f27e7bb97c01e8ec19ede916b098e404b6a24e626deea56ffaa12d4af737f5a59447720eb51f836535529669229a966b7e8d57b79c2191508ff12
-
SSDEEP
12288:i/c97aWm6LYW29Jqn8NA/SMGpqIaeOEqvsUhAEXvPKQIWXgf9Wi9SRWKxRv+Tpm:iU5rL5MJq3/6pweOE4dtPKQIZf9WiQnP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/DHL_TOC2_2407081728458457.pdf.exe
Files
-
16072024_1558_16072024_DHL_TOC2_2407081728458457.pdf.z.rar
Password: infected
-
DHL_TOC2_2407081728458457.pdf.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 616KB - Virtual size: 613KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ