Overview

overview

10

Static

static

9

PO_Invoices_pdf.exe

windows7_x64

9

PO_Invoices_pdf.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ea073ddc357d19912eeb45d967fd80c742a676cf9f00ad8d7ade93be5e4b101

  • Size

    1.2MB

  • MD5

    472d076a50474e002f4bd798eac94876

  • SHA1

    4d6f29a4f6a496394156ed800b4dfd6cd952d4f0

  • SHA256

    2ea073ddc357d19912eeb45d967fd80c742a676cf9f00ad8d7ade93be5e4b101

  • SHA512

    faaa86c4c78d4cd741d41842a09b457489346c32ab8ac5226641d60fc64d10a3d5abe64bff1bc2bd0ebd5b74f12e196f5dc959478fe57fb63d2722ce3591f3cb

  • SSDEEP

    24576:z9mm9W50G+UvOKDMdh4DEW+jXqnSy5N16l6GOHRUVTR63:zB9lG2KDMdh4D8pAFFyVtc

Score
9/10

Malware Config

Signatures

  • Beds Protector Packer 1 IoCs

    Detects Beds Protector packer used to load .NET malware.

Files

  • 2ea073ddc357d19912eeb45d967fd80c742a676cf9f00ad8d7ade93be5e4b101
    .zip
  • PO_Invoices_pdf.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections