MalScore
100/100
MalFamily
Malicious

dhl.exe

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 391.00 KB (400384 bytes)
Compile time: 1991-06-18 15:06:46
MD5: 311c81f0ac007acf327335c85620ca01
SHA1: 5c442e95ddb5ca6c2b2f056d41f0bdf19a16b67c
SHA256: 39da070a2696c9deb1da934d7833f37fab41c92b370eddc1970c726935b8d467
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 5 y~'V4]R .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2018-11-23 17:27:04
Last submission: 2018-11-23 17:27:04
Filename detected: - dhl.exe (1)
URL file hosting
hXXp://interraniternational.com/docfle/dhl.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
2018-11-22 22:50:51 [35/67] VirusTotal
PE Sections 3 suspicious
Name VAddress VSize Size MD5 SHA1
y~'V4]R 0x2000 0x41964 268800 fdaac63ca8a5035131be7f6234a6f5da 65757bf7a5f0e41b310711c80fa2d6f24c2cdf25
.text 0x44000 0x1f270 128000 9bffea5b0c6304a91c4794d4d0bd549e 94d83e73cc89d6731995085c74bcad58cebbaf69
.rsrc 0x64000 0x5c8 1536 83fb5db099110a0a340a511bb9f762be 937e59d5c8629ddaadf6d2a21d2406be8f924eea
.reloc 0x66000 0xc 512 354e5ffc7f8a670c981da5a85608e4ce b165ed6b8b261ad456ecf8ba89b04544820e5587
0x68000 0x10 512 a1c85a89eb50c5688e00e05540403b31 7015ed84ad48af1ac05c23311e05c56c615977cc
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: XML
System.Xml
File type: Library
KERNEL32.dll
UxTheme.dll
mscoree.dll
GDI32.dll
USER32.dll
IP Found
8.2.34.4
URL(s)
No URL found
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven02b_64 Seven02b_64 VirtualBox 2018-11-23 17:18:45 2018-11-23 17:21:44 179

2 Behaviors detected by system signatures

0 Summary items with data

Files

Nothing to display

Read Files

Nothing to display

Write Files

Nothing to display

Delete Files

Nothing to display

Keys

Nothing to display

Read Keys

Nothing to display

Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

Resolved APIs

Nothing to display

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2018-11-23 17:27:21

Detected family: #Malicious

TheSystem Itself @ 2018-11-23 17:36:02