General

  • Target

    09012025_1000_DHL_Awb_Shipping_Invoice_doc_010720257820020031808174CN1800301072025.bat.zip

  • Size

    407KB

  • MD5

    d997c93a7a968959b1e9ab3c92ebb349

  • SHA1

    944fff955398464b35bd8c2627051f49b3e31680

  • SHA256

    17dae734594db7d9a671d89973dcaece5619e2ed632457c811d259ab0466ee53

  • SHA512

    c52013700bef546079b7318889175ab9080d632aa00b75fd9fdc921a921671fefbdf1cb8e4f840117dd474159e36668b634351a15a278608238bf9d9b95f9e35

  • SSDEEP

    6144:Ezr75lWt34BNHN0nHkCgnzuvmGy65bZjk5AESbz17QUhL84HEY4L24P2pF9EX:Ez/544vt0HCzcHbZjk7iz6KLjHDyP2DU

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 09012025_1000_DHL_Awb_Shipping_Invoice_doc_010720257820020031808174CN1800301072025.bat.zip
    .zip

    Password: infected

  • DHL_Awb_Shipping_Invoice_doc_010720257820020031808174CN1800301072025.bat
    .exe windows:4 windows x86 arch:x86

    Password: infected

    57e98d9a5a72c8d7ad8fb7a6a58b3daf


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: infected

    8c8a576201f68de1a3f26fc723b9f30f


  • Biri.skr
  • Bolledejenes.Oct
  • Skrabs.Alv23
  • cambalo.inh
  • oink.tyk