General
Target: Orden de compra SZ5-9-020,pdf.exe
Size: 546KB
Sample: 200711-jqsxs83yqs
MD5: 7edd95f1848528b28a614c7a2eefc036
SHA1: ab633b0dbfdb08a1b2dd4a4612e7a01dec6f9fa3
SHA256: b59d01c152a084a23f8477e2a20bde57045b2e3a1ca9a938ba4dbf6ac262b73f
SHA512: 2b87811bd3394b145354548edfdda04d9db3b9163f83b4aa69c4ed7b1bd54ac247b19b340f3504073a02fde8eb80139aded6078e032e8a09396ad7f8470d958c
Static task: static1
Behavioral task: behavioral1
Sample: Orden de compra SZ5-9-020,pdf.exe
Resource: win7
Behavioral task: behavioral2
Sample: Orden de compra SZ5-9-020,pdf.exe
Resource: win10v200430
Malware Config
Targets
Target: Orden de compra SZ5-9-020,pdf.exe
Score: 10/10
ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ServiceHost packer: Detects ServiceHost packer used for .NET malware
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2