General
- Target: CCMA Final Reminder Case CCMAKK1029873700.PDF.exe
- Size: 368KB
- Sample: 201020-g735wsbs5j
- MD5: ea4acb06f594dde31f5bd4862932f1de
- SHA1: d62f15f53bf1d55357e3aecd83d93de1043192d8
- SHA256: a96869310ed26453df874d380555cc891068510413dd8702ef6ce850f8faef6a
- SHA512: b5f65b06bbe08e19ae295df84d2cfb61f9967b725e4ae7f5359d1a56bdda55c57abeee472882d79ae4c92e710a52632250b6a61b2d0541e623f0921969578569
Static task: static1
Behavioral task: behavioral1
Sample: CCMA Final Reminder Case CCMAKK1029873700.PDF.exe
Resource: win7
Malware Config
Targets
- Target: CCMA Final Reminder Case CCMAKK1029873700.PDF.exe
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger