fbccca4d8868b54f1d1741eb80cf9dc88953b5fd77284b61faa2bd240023d63c | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Payment Co...df.exe

windows7_x64

7

Payment Co...df.exe

windows10_x64

7

Sharing

General

Target

Payment Confirmation_pdf.exe
Size

6.8MB
Sample

211005-pa5thsaadk
MD5

ba8d0f2355ba88d4833cb563fd88dcd5
SHA1

7304cb58dbb342415f9703b24f0ac1a87cf2f6df
SHA256

fbccca4d8868b54f1d1741eb80cf9dc88953b5fd77284b61faa2bd240023d63c
SHA512

ee341a10f753b829611e83b6078b9deca3dbf75541bf9395c43706e10ee17617b214be1e4ca6e5b11756d405b8a7b37c2327d44c16970e9d3d4853de078e5276

Score

7^/10

pyinstaller

Static task

static1

Behavioral task

behavioral1

Sample

Payment Confirmation_pdf.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Confirmation_pdf.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Payment Confirmation_pdf.exe
- Size
  
  6.8MB
- MD5
  
  ba8d0f2355ba88d4833cb563fd88dcd5
- SHA1
  
  7304cb58dbb342415f9703b24f0ac1a87cf2f6df
- SHA256
  
  fbccca4d8868b54f1d1741eb80cf9dc88953b5fd77284b61faa2bd240023d63c
- SHA512
  
  ee341a10f753b829611e83b6078b9deca3dbf75541bf9395c43706e10ee17617b214be1e4ca6e5b11756d405b8a7b37c2327d44c16970e9d3d4853de078e5276
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy