General
Target: Payment Confirmation_pdf.exe
Size: 6.8MB
Sample: 211005-pa5thsaadk
MD5: ba8d0f2355ba88d4833cb563fd88dcd5
SHA1: 7304cb58dbb342415f9703b24f0ac1a87cf2f6df
SHA256: fbccca4d8868b54f1d1741eb80cf9dc88953b5fd77284b61faa2bd240023d63c
SHA512: ee341a10f753b829611e83b6078b9deca3dbf75541bf9395c43706e10ee17617b214be1e4ca6e5b11756d405b8a7b37c2327d44c16970e9d3d4853de078e5276
Static task: static1
Behavioral task: behavioral1
  Sample: Payment Confirmation_pdf.exe
  Resource: win7-en-20210920
Behavioral task: behavioral2
  Sample: Payment Confirmation_pdf.exe
  Resource: win10v20210408
Malware Config
Targets
Target: Payment Confirmation_pdf.exe
Score: 7/10
Loads dropped DLL
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.