General
-
Target
MV TBN CALL PORT FOR LOADING COAL_pdf.exe
-
Size
527KB
-
Sample
200713-hev3phxzjj
-
MD5
aa683fc072f3ae7d3746555ad0d2fa86
-
SHA1
6e3a1234cfc5658c9da297cba29d5869b7d48906
-
SHA256
5f26ec6a89a14aedcee85883d41d5ca81a2ba2a7c99ec464abaa5bd63b6cbe1b
-
SHA512
ca3733205d1606e6d981f89a6b312bfedc00e2195e947729108d0c0d32b75b6d9a7794e7a29663baee12d7a5e64c13ee588edf70274a9697081cbc6e7292b0dd
Static task
static1
Behavioral task
behavioral1
Sample
MV TBN CALL PORT FOR LOADING COAL_pdf.exe
Resource
win7
Behavioral task
behavioral2
Sample
MV TBN CALL PORT FOR LOADING COAL_pdf.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
MV TBN CALL PORT FOR LOADING COAL_pdf.exe
-
Size
527KB
-
MD5
aa683fc072f3ae7d3746555ad0d2fa86
-
SHA1
6e3a1234cfc5658c9da297cba29d5869b7d48906
-
SHA256
5f26ec6a89a14aedcee85883d41d5ca81a2ba2a7c99ec464abaa5bd63b6cbe1b
-
SHA512
ca3733205d1606e6d981f89a6b312bfedc00e2195e947729108d0c0d32b75b6d9a7794e7a29663baee12d7a5e64c13ee588edf70274a9697081cbc6e7292b0dd
Score6/10-
Adds Run entry to start application
-
Suspicious use of SetThreadContext
-