General
Target: Cotización ref#8024108130.pdf(89kb).exe
Size: 1.3MB
Sample: 211206-nnvp2agge4
MD5: b8c759b59611c0776e62fc70aa89ffb6
SHA1: bb3841b237127c1654d602283026996f62001012
SHA256: 325a8b36cd43c91d8a678907611a8ec5c78719809cf1a4cdb3d03f84de59ec50
SHA512: fc484c0321d9ef8a2657a5291b0af2a6f102864d349304cce87692ab788cf1c339d90ee15e154061edfed5f8a8a6f44b797c2296d6467ceff7dd112c8ea25739
Static task: static1
Behavioral task: behavioral1
  Sample: Cotización ref#8024108130.pdf(89kb).exe
  Resource: win7-en-20211104
Behavioral task: behavioral2
  Sample: Cotización ref#8024108130.pdf(89kb).exe
  Resource: win10-en-20211104
Malware Config
Targets
Target: Cotización ref#8024108130.pdf(89kb).exe
Score: 10/10
Looks for VirtualBox Guest Additions in registry
Adds policy Run key to start application
Looks for VMWare Tools registry key
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Accesses Microsoft Outlook accounts
Adds Run key to start application
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
Program crash
Suspicious use of SetThreadContext