General
Target: message.zip
Size: 28KB
Sample: 210726-lr9p6xe6ms
MD5: 86b29cacd93716c7aea3c8032538d7d3
SHA1: fc7af917cc6e3349c6fa7bb5f8fe8665c2415702
SHA256: 01a3ee1c77cb5370b20d02adffe9419548ae426537176bfc6735e108f0a64167
SHA512: 10c74bd05c74d46a2bbac7713f509e9de8a14e660cce7107e0f75a038cc9f1555622fb8f54e9dfb7df428b9b617983b15ec1627431e4f5b51a37b2bfe3e19d5b
Static task: static1
Behavioral task: behavioral1
Sample: message.html.pif.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: message.html.pif.exe
Resource: win10v20210408
Malware Config
Targets
Target: message.html .pif
Size: 28KB
MD5: d62a2464dd5da924d8e357419cad7665
SHA1: c3d1fa2dc1a262bdf190725ec5bbe9b13c45c280
SHA256: 3a5b62a20c308109f7f25df1101edec3a311e1d5144d460359250ab89e97c0eb
SHA512: af2467e0f6eeb10913984cf79a75c1b6577c0da77c06ac428f0f7b1390e91f2a8fa6b2fd8466edc650d7ea32495776a8e10a41f5dbdfba5de9ea2058570c1fde
Score: 10/10
suricata: ET MALWARE Suspicious Email Attachment Possibly Related to Mydoom.L@mm
Executes dropped EXE
Adds Run key to start application