Sample: DHL_SHIPMENT_REF#290421_73663_pdf.exe
Resource: win7-20240903-en
General
- Target: f3d5913219cd0b70ad97893a0d582189b5b23324b1b66a7646f328bc4d0c2da3
- Size: 498KB
- MD5: 71ade2c0e1ab958b44264785962ea425
- SHA1: d22d9f2c9d9217ce6bbe00fe9576ad2c6e40b13e
- SHA256: f3d5913219cd0b70ad97893a0d582189b5b23324b1b66a7646f328bc4d0c2da3
- SHA512: 51890692544ae2a036304da8d3144adfc492395e9d11436aab2cc8658b66a108bd928e9861a454075509caa32077f51eba814870645a3609637e7ebc81d676ea
- SSDEEP: 12288:N9WHRJEE7b7jMax9LJJfSMDzUSQ+Xcz4IG7ztSV60tLhTC4qu:qHhP7jBx9vScM+XW4IQsLf
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource unpack002/DHL_SHIPMENT_REF#290421_73663_pdf.exe
Files
- f3d5913219cd0b70ad97893a0d582189b5b23324b1b66a7646f328bc4d0c2da3.zip
  Password: infected
- 22819dce5d14b0fee02a1d92636999153c37001337f9eee194351208ba3aed70.xz.rar
- DHL_SHIPMENT_REF#290421_73663_pdf.exe.exe windows:4 windows x86 arch:x86
  f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 642KB - Virtual size: 641KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ