General
Target: 27f9c7625c39cc1ce7d0af02dbf8de4a60bc674e17aa5276e708ab366fad7953
Size: 36KB
Sample: 220130-tap6aaece3
MD5: cb56cbfa87f38a41216b5b4a68ad971e
SHA1: ee1ede79dd06bbfaf73d77e96d90dde6d3407b47
SHA256: 27f9c7625c39cc1ce7d0af02dbf8de4a60bc674e17aa5276e708ab366fad7953
SHA512: b0f07056613693c63b18aa383e3dfbf2c1fc54314fbd10bec9cfd9c5c08b252747038fd799b31308e0bdf17dbc753af678867d888deaba63570d3d160fadd557
Static task: static1
Behavioral task: behavioral1
Sample: RFQ2019240611111111111111_ENQUIRY19995C_PDF.js
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: RFQ2019240611111111111111_ENQUIRY19995C_PDF.js
Resource: win10-en-20211208
Malware Config
Extracted
wshrat
http://unknownsoft.duckdns.org:7755
Targets
Target: RFQ2019240611111111111111_ENQUIRY19995C_PDF.js
Size: 104KB
MD5: 3e1d45dd6fef116c4a45cc81997027dc
SHA1: a2cd3a0ecc900664510a9c3e2ff00faa943d3d6b
SHA256: 4eb6e69e7df76b5e84ecc4dc6f569fe2ad0f9763fc015014c2b23aa1c82f7332
SHA512: 4d9052a10888af2c0feb5ec301681736b3c3374e84733d5edef5f7d026ab951b1e69760c72e53fc904b58733ea0fb680787980e0a7aacbc3051be85a34df3fd4
Score: 10/10
Blocklisted process makes network request
Drops startup file
Adds Run key to start application