General
Target: CS-SUPPLIER QUOTATION SPECIFICATION 2022-0120 45PCS.PDF(97KB).exe
Size: 380KB
Sample: 220120-jbv3taggd4
MD5: 1402bc75caa465e3c69c302a7390a8e7
SHA1: df94f132f82c48cdda43a1121266320a1520ffdc
SHA256: 25a80f4addf74c82d8ae815164c44dcd530fd59fc278f306552d35d5140b880b
SHA512: 5fc4fe7216c19ae454bf681a53bf0a573a4aed13ca2d596c2c361b4390cffe4b232887e32c1bbf75b6d770100e4878a88b7fea564c7efee211bf80c763f0bcc2
Static task: static1
Behavioral task: behavioral1
Sample: CS-SUPPLIER QUOTATION SPECIFICATION 2022-0120 45PCS.PDF(97KB).exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: CS-SUPPLIER QUOTATION SPECIFICATION 2022-0120 45PCS.PDF(97KB).exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: CS-SUPPLIER QUOTATION SPECIFICATION 2022-0120 45PCS.PDF(97KB).exe
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Adds policy Run key to start application
Sets service image path in registry
Accesses Microsoft Outlook accounts
Adds Run key to start application
Program crash
Suspicious use of SetThreadContext