Analysis
max time kernel: 111s
max time network: 41s
platform: windows7_x64
resource: win7v20210408
submitted: 27-09-2021 01:05
Static task: static1

Behavioral task: behavioral1
Sample: PO N. 오르딘 338390208B,pdf.exe
Resource: win7v20210408 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: PO N. 오르딘 338390208B,pdf.exe
Resource: win10-en-20210920 (windows10_x64)
0 signatures, 0 seconds
General
Target: PO N. 오르딘 338390208B,pdf.exe
Size: 673KB
MD5: e8f7cefb49fe42b90abf1909ad447bec
SHA1: 1bc891a06c4ab60d5b5d2ce82fe2fae202486078
SHA256: 8b89e7df4374d46bfab35e174ecf20f2f1401afee86fad3585b0084c05007f19
SHA512: f2f8f041e8bb78890acd5421ae01c7af41ac52e83b3da7d1fdb95812b16400f40ac06c69983fd537b91d19e34b81c8674261c772cadd7629cfe8b4a41a9385b7
Score: 3/10
Malware Config
Signatures
Enumerates physical storage devices (1 TTP)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.