25e2619309515f2a7953682e8d4ea6d13b9c7030159aefbb8521d4316a58c19d | Triage

Submit
Reports

Overview

overview

8

Static

static

July Appro...DF.exe

windows7_x64

8

July Appro...DF.exe

windows10_x64

8

Sharing

General

Target

July Approved Order_PDF.exe
Size

364KB
Sample

200708-jlptfw6xnx
MD5

82fd63f045b5afd0834a9b1b579318fb
SHA1

7df3257d74c240f440c8ef001a414f6372a84724
SHA256

25e2619309515f2a7953682e8d4ea6d13b9c7030159aefbb8521d4316a58c19d
SHA512

7ea44d652f5ecfaafb141090aff32f3bc14b5c0acf2ad5457ebf4d7c1cc74aed8a16bda245b75fd105893c0a8deef9fff1555acf336adc7009106b6b3ff4cdd9

Score

8^/10

persistence spyware

Static task

static1

Behavioral task

behavioral1

Sample

July Approved Order_PDF.exe

Resource

win7v200430

persistence spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

July Approved Order_PDF.exe

Resource

win10

persistence spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  July Approved Order_PDF.exe
- Size
  
  364KB
- MD5
  
  82fd63f045b5afd0834a9b1b579318fb
- SHA1
  
  7df3257d74c240f440c8ef001a414f6372a84724
- SHA256
  
  25e2619309515f2a7953682e8d4ea6d13b9c7030159aefbb8521d4316a58c19d
- SHA512
  
  7ea44d652f5ecfaafb141090aff32f3bc14b5c0acf2ad5457ebf4d7c1cc74aed8a16bda245b75fd105893c0a8deef9fff1555acf336adc7009106b6b3ff4cdd9
Score

8^/10

persistence spyware
- Adds Run entry to policy start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run entry to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespyware

behavioral2

persistencespyware

© 2018-2025

Terms | Privacy