General
-
Target
DHL_PACKAGE_HD98232.pdf.001
-
Size
1.1MB
-
Sample
210708-nqghl5eldj
-
MD5
b97ef142d18371524053f1f302b2f195
-
SHA1
d08898414e78ddc5e1cb5217efa28a012652ea53
-
SHA256
5777f5810423f9e0bc678ef97b0fef98a843d7e90e4257819850c0ef12ac8055
-
SHA512
b18226cb8c6f6ede08edf4d30c3b7b896acb8e49fc9d83549fc354acf68ad5181ff6d822cbd88e02f834623a0ef292d72e08961ec133325d5cd9f2f34e3d8a32
Static task
static1
Behavioral task
behavioral1
Sample
DHL_PACKAGE_HD98232.pdf.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
DHL_PACKAGE_HD98232.pdf.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
DHL_PACKAGE_HD98232.pdf.exe
-
Size
1.3MB
-
MD5
0e72b26fbd7f27c2753c02193337c280
-
SHA1
fc000dd71eeace99e08c54e6a8ec6d578c80ed20
-
SHA256
6095dd10965d4e081e87c366736e0305b7d42f84dbdb10471bcedacfe145f7a5
-
SHA512
0f222aef8358f3a712871316eb9aa1c24efc36c90396701c4cbae558a3e52bab6c6acedd2a21555e914204fab47f30b586a6322a81fa925042c05eda4ec34950
Score
10/10
-
RevcodeRat, WebMonitorRat
WebMonitor is a remote access tool that you can use from any browser to control and monitor your phones or PCs.
-
WebMonitor Payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-