General
-
Target
SMH 20211202_PEDIDO DE COTAÇÃO - 14pcs.PDF(76KB).rar
-
Size
365KB
-
Sample
211202-rse2xshgaj
-
MD5
c3094c2d6dbd6c17be9abcca9d623ab6
-
SHA1
b79f2a007b9a2136c9c1cc25154e4d0955760ef8
-
SHA256
f5c017bf576efb522edeb67f8c7a1639f96e938160e0080a28948983f1588f35
-
SHA512
06a737eace954bdf64a4bc6bc5f80be587e7a4765d3d5467b3811e9928f6c1e213efc616b37f8cda8de6b67ac9186b19bb40c5a0368e0ee00a69967440ce1d4d
Static task
static1
Behavioral task
behavioral1
Sample
SMH 20211202_PEDIDO DE COTAÇÃO - 14pcs.PDF(76KB).exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
SMH 20211202_PEDIDO DE COTAÇÃO - 14pcs.PDF(76KB).exe
Resource
win10-en-20211014
Malware Config
Targets
-
Target
SMH 20211202_PEDIDO DE COTAÇÃO - 14pcs.PDF(76KB).exe
-
Size
414KB
-
MD5
8de75b79c09e93fec4d7876133f94dc1
-
SHA1
2bf7c25ffe326789054d1b0a32c5768263972e40
-
SHA256
325c126322ffc636a4964c017c4258b6551d2104ccd8acd7794cecafad437a6b
-
SHA512
81f73bf2d1c67e2d7ab35bf29feafbbca96c410a082ff81bea426a013a9a247f9f984e97a0cfd683e937b0523f4bc352ca67c94d6d95fe014e9f6ed24d8d3622
Score
10/10
-
Looks for VirtualBox Guest Additions in registry
-
Adds policy Run key to start application
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-