Overview

overview

7

Static

static

4

ForwardMai...le.exe

windows10-2004-x64

7

ForwardMai...le.pdb

windows10-2004-x64

3

ForwardMai...it.pdb

windows10-2004-x64

3

ForwardMai...it.pdb

windows10-2004-x64

3

ReleasePlu...DF.htm

windows10-2004-x64

1

ReleasePlu...lp.odt

windows10-2004-x64

1

ReleasePlu...ew.exe

windows10-2004-x64

5

ReleasePlu...ew.pdb

windows10-2004-x64

3

ReleasePlu...ry.cmd

windows10-2004-x64

1

ReleasePlu...me.cmd

windows10-2004-x64

1

ReleasePlu...df.cmd

windows10-2004-x64

1

ReleasePlu...ry.cmd

windows10-2004-x64

1

ReleasePlu...me.cmd

windows10-2004-x64

1

ReleasePlu...df.cmd

windows10-2004-x64

1

ReleasePlu...ry.cmd

windows10-2004-x64

1

ReleasePlu...me.cmd

windows10-2004-x64

1

ReleasePlu...df.cmd

windows10-2004-x64

1

ReleasePlu...ox.cmd

windows10-2004-x64

1

ReleasePlu...ig.txt

windows10-2004-x64

1

mboxview.exe

windows10-2004-x64

3

mboxview64.exe

windows10-2004-x64

3

scripts/HT...ry.cmd

windows10-2004-x64

1

scripts/HT...me.cmd

windows10-2004-x64

1

scripts/HT...df.cmd

windows10-2004-x64

1

scripts/HT...ry.cmd

windows10-2004-x64

1

scripts/HT...me.cmd

windows10-2004-x64

1

scripts/HT...df.cmd

windows10-2004-x64

1

scripts/HT...ry.cmd

windows10-2004-x64

1

scripts/HT...me.cmd

windows10-2004-x64

1

scripts/HT...df.cmd

windows10-2004-x64

5

scripts/PD...ox.cmd

windows10-2004-x64

1

scripts/pd...ig.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mbox-viewer.exe-v1.0.3.34.zip

  • Size

    42.7MB

  • Sample

    220928-2efreahbh8

  • MD5

    efab7634e2f9235b7da249a1913c656e

  • SHA1

    ebab3c25c8bcc8acec975696c6b4e8aaeb8182b6

  • SHA256

    579da36c31cc4e5d556f6298ee204184a357a3bdeeb8b94586ae217900408c72

  • SHA512

    6d9332722a1b8d58bbb3b786245d3e976c4caf34f3ee7044c045fac45989fa90a7e444e818fec2711b897600b5a71d8974707a71e3686c58b60a0e783d04d5bd

  • SSDEEP

    786432:Sp54SPNAvdKrBnFeiIYaf0r4Mk6NfRcFrPIE9q5t/3fePsb/DP3lyhBWIDfNk5u4:sbIdKr9YyamRGFkE9qP3fSsbrlIWI5D4

Score
7/10
linkpdf

Malware Config

Targets

    • Target

      ForwardMails/ForwardEmlFile.exe

    • Size

      66.8MB

    • MD5

      742702b05de177c5b0f998e5fcf15c4c

    • SHA1

      a886b60b61711a8ae1fedc42896b292b5043d1c0

    • SHA256

      ff48d80441779403dcbff56924ba642e11180e113a91d37f1ed8538e6b9ce0ec

    • SHA512

      119719f3623d235297476429c82888dd45ac0862266fae30df3c4dc76ca8fe56e092d4eeac1a229cba260e47e117f367a1f8a53886be11f45620c5e838dbd4b0

    • SSDEEP

      1572864:XMTKLbsVYIlPq3rYkctmFV1Ga6cbgghbqa9Kbu3bFYF8R0ROt11L9ax8ddBfM7H9:8TKLbEv7GPs++

    Score
    7/10

    • Loads dropped DLL

    behavioral1

    • Target

      ForwardMails/ForwardEmlFile.pdb

    • Size

      15KB

    • MD5

      cb40c7baa655a67aad338edaabc2aa51

    • SHA1

      bff944b8b0aef8d4fcd04593597b5429a9d9fbfd

    • SHA256

      e02788db7d322e31fa84dea1e00fd96b98eca31e5bf91a62a6f2b8559bf82819

    • SHA512

      41a40a0930392f1d1c0edeca122884579078466b95a881572e094849fab5026ba1604599642bca82246943182ef270c0d0f62ed8f3c8a9c23826ffef51a521db

    • SSDEEP

      384:qvPvPvNpskLbie/dzRsLaVV6tD7jZszQZczXWCNS6RHKfujk3KeGXtJppVcRwgGo:qnnvsMbiOHc0BHtJmHjn

    Score
    3/10
    behavioral2

    • Target

      ForwardMails/MailKit.pdb

    • Size

      245KB

    • MD5

      ac472f76399f2be95599b42d951fa51f

    • SHA1

      182c20a5c84e84ad4fd9af4ea9420a748fd8c1a2

    • SHA256

      f6d2bd103dd3e56b6fa4fb8c9320e9df2f4bd3fceb94b0ef6f61f3478af7ed47

    • SHA512

      c162f9c9c212fcb083b775d94c8bc88b84522bfc24e1ec4986c4e3ef272d65a2ea3f8ee9e977da28b8f8fa49b6153ecebd2894356a14ca61da6ad76dded4f173

    • SSDEEP

      3072:5i9SC/K2ovizgp3Vohwfu7kQgzcNk/bstDMH6o/HwXlMlT/DBR6Q30pB:5ic2ooe3Wha5Uk/BSSrb9YB

    Score
    3/10
    behavioral3

    • Target

      ForwardMails/MimeKit.pdb

    • Size

      290KB

    • MD5

      3a2bc723a6840a9c5b0b097a9906131b

    • SHA1

      ef89f5d7fd5d51bf1b307f3e5ccc6db8bb7ab5e4

    • SHA256

      e735efdb7868e10883ba70c4c027e27e5a1cb733b15363b5f7493087a96d3a90

    • SHA512

      7a12c548954c249f302e6ea78304e7df4f575794d67ef5b8941f16056cc55aecacddbc24d40b111d731fe91ff68198752947a9fe14187aecc13fd5dab0ff4fe0

    • SSDEEP

      3072:Hr2/2yvoUdsu9Jpj1Kuk//OkwqWIV9khaQ+twXbI5R4HObQ3R8k+jeLTqDJo1/Gf:Hr2OyvJsuTs/OkwHI/kraMO83Qr2wP

    Score
    3/10
    behavioral4

    • Target

      ReleasePlusStackTrace/HelpFiles/PrintMultipleMailsToPDF.htm

    • Size

      4KB

    • MD5

      61d929c72fa3e0252e294e7230414da2

    • SHA1

      dc214fabc30d7ed9475db1738a346bdef2a497de

    • SHA256

      8c5583f326313ce00ecf76c88328332ffd0ef797bd37484973f5c52051e2806e

    • SHA512

      1bd26fd45df10599948cdec6b8416efcb8514e169af1b44c84c32f6be2a450aa5a0f854ef1b6e4bc26fe5ae1f8e8778b7c57be1caa2520b0b7aca9fcd9e838cd

    • SSDEEP

      96:rV0yMtwM7iN4C6f6U9KnObEmcgPbkv65ynw49FFxn4xG2zyY:rGyK7iNd6f60w63RTkv6Ow49FFOlzh

    Score
    1/10
    behavioral5

    • Target

      ReleasePlusStackTrace/HelpFiles/SearchHelp.odt

    • Size

      13KB

    • MD5

      2dd82ef8a53b1b47ce6d1d71f4f9fa71

    • SHA1

      bfb221bdb654919a8346aac78ab3146eba527225

    • SHA256

      01ccc9f734c68e216c30df89320044e6c8c42ba11e7497fff6abb11497fd5dd8

    • SHA512

      626037c651ee4653e68961960c3cbf85c30efe6ed760131d63cee00529dc5867ea925a2099b5e11c720f0c12a5f308d60fd328b9672c7c1ba21c4c6dfe1d5d97

    • SSDEEP

      192:eortf+xVXKFZO4hYl8ANA84HArfx+mWpa2km1PVwWMe28xcLF83BLxorC0Wdsfb2:jrt2DXKFlGF4HUxjWU21RVORrRMp1D

    Score
    1/10
    behavioral6

    • Target

      ReleasePlusStackTrace/mboxview.exe

    • Size

      3.0MB

    • MD5

      bc059e0bb31595a59fb7a854919e58df

    • SHA1

      490e31fbedc656cb4a81e218d9287fb8caeb1eec

    • SHA256

      25676bc846fdc0ed87b9ef1b6e6d426674d2f4499c472477f016d3bce2ab1542

    • SHA512

      d794e8ecab8b3140aa4f2776cb368023f43d028fa4f2c72ac44adbc4b3816c29a4fb418d7f9edf2e95f0a1973e828e155f4db31639f03097d25ec3f911e4e1e3

    • SSDEEP

      49152:EYWhMADg4iGopsHrwnUB8ajXDaMHzYTgUqFCPHJk1Cx0LIu+s5jw0XpIvS:BW41psHr/aaTDaMTYTgPCPHJ8h5

    Score
    5/10

    • Drops file in System32 directory

    behavioral7

    • Target

      ReleasePlusStackTrace/mboxview.pdb

    • Size

      32.9MB

    • MD5

      c9bcb1ff833633b4ad68a17ca77242ca

    • SHA1

      30eea2fbd43f89fa5fdc46eb50f936a961aaae33

    • SHA256

      1545f1e38bcfc97f41d49785a44e7601e9d3870b1b6bf22e1eb9fa272c8599e7

    • SHA512

      8ac67b7cea2dcefafd81d4f57bc317ea117d17761bca6dc3dc01e8f3ec11021589fb09e86f1351d9ec1b30632718d552bcad453c8e603c4d0ab9769badd8d56f

    • SSDEEP

      196608:Cv+cl9BCqvOvSQY1qD4wsSCZMsZ25Z6sKfAhZqhrQrgpH1ao7f8:Ct9NVNM1z6sK4srQrcpf8

    Score
    3/10
    behavioral8

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-all-chrome-canary.cmd

    • Size

      1KB

    • MD5

      816c56b3ff94ff9041a3a6a73a1f7076

    • SHA1

      f77677efe826659b561fa6aea793d7575313021b

    • SHA256

      a26fecb4b814cb30cefaad74659a8f8af0da5e9736cb6045924e64a40f657442

    • SHA512

      78a7dca6fff4f5ab4cb0cab7a53a21657a61bef7941e49258e7a9a8a82bd409951f7a0e297c02f7b697150b3a056c28e6275f8ba726fb5657f6844773a7e4f0c

    Score
    1/10
    behavioral9

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-all-chrome.cmd

    • Size

      1KB

    • MD5

      54b1f51c8235370824cc362dda3d7265

    • SHA1

      8313ff5b1e7635c96594de2e588199f6fda932a2

    • SHA256

      6b11f42e26cba67d7f92fa637d33a92b97a3c4bc5957a99a7db68fcd608d6b0c

    • SHA512

      6d915190f779a38a954e4bc94293c0c1f4b8cbb79f5dc465b5f46a8aeb27f4fe1bb9421d78d35a67d2e3b7dd42257871ecd7bdadcadbd2fcf9bbc1b5e9cb77b1

    Score
    1/10
    behavioral10

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-all-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      12c5677e276e8a21d0275cef018a8a20

    • SHA1

      afd6febd736406a4417a9d1a4a1e3393a0fac073

    • SHA256

      906d0ae344887621fef863edf08179095dfe09f3a3d3134db4342cd23821a8f5

    • SHA512

      5672aae9d7f4d5be5d975f80b84ab37a4eeb8a66845633ac5431d5a5280fac51b876d2f07ea3e6438c10daad1dfcde76e6658ecca0442a133cb91c145c85456a

    Score
    1/10
    behavioral11

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-group-chrome-canary.cmd

    • Size

      2KB

    • MD5

      7a3ef9d8f8cfc6cf8c392d9ad97a2560

    • SHA1

      638aeabcc98bc50d142102bd15486b69dc7e9161

    • SHA256

      621dccaa1b415526d3431f8f3e65d13d3471d6b2be165ee6449029078f6e9998

    • SHA512

      aa88507ab4f5a137b31ec95b5bc5dffe3ca148ace745347dd480e556a00ce6e6bbfa2467bf0d319d53da2072a32887007a085c926c8d47f1c4f6a40325ac650e

    Score
    1/10
    behavioral12

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-group-chrome.cmd

    • Size

      2KB

    • MD5

      5e764cace79da5c45aba59f824d5eb99

    • SHA1

      990f394e544de7c59015b3bf4d6191d3327ac2ad

    • SHA256

      c9e4693ea00f148e1998308b3e262f52a035121459a9bc97c6284d72588b4d3d

    • SHA512

      bbbeba4bfb70f478d7bd34aa602a8098e927bc4bcbdc1793a180c681b13f4dd370cd5db6e60c84219f0aafb34d6ccea514bfdd529a00325527d4a2e73f33008b

    Score
    1/10
    behavioral13

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-group-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      3c28264936d7888db8c8fae0592b89da

    • SHA1

      18b99d0eb76d54698f440d1aaad718b7ec81a66a

    • SHA256

      9e69940c9f07d2d5f65ec03ff8b062a09f9402319a2357ab6b02957f636bd5b7

    • SHA512

      6ce111ec457ddbd3b40c515315d8a4345d78502ede6d50f0a3d986ac2f67010073b708414a0feb46e390f6bdd6a2b816b58a86e673dcea69f8a08c2196342d1e

    Score
    1/10
    behavioral14

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-single-chrome-canary.cmd

    • Size

      2KB

    • MD5

      5601ee4ad38d38ecf7194a592487284b

    • SHA1

      06db6f213f7fe9eebaa84f2cd37ef1d9c3af3505

    • SHA256

      83a06d574a1cce64446dc49a4de47daac4452f45fec1d42210a38d682ab494a6

    • SHA512

      daa9f6df248ab9a301a955ccb4704db62af76ff77b7491137b37fe4b249753667bf8635157fbaa9738e93f5f0411dd77fdf003684c4492b9e67bc69b77041054

    Score
    1/10
    behavioral15

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-single-chrome.cmd

    • Size

      2KB

    • MD5

      bd4446087015015b971d3386b7e8b9cd

    • SHA1

      b6fe725bfd96b294bc0cf5d59ddd79ece827a4df

    • SHA256

      1087c0e45edba0c798704e312b306b8795e6155ae83a603a29742c59288ad1cb

    • SHA512

      6ac8f36a3995e6168a43adb354af917410ee1a8d7e2a7b6b4b2199606f49d102ee6144ad9adbd9668c224bb42f26344a0332f42ab9dc350ddfb9ee60c38dfd47

    Score
    1/10
    behavioral16

    • Target

      ReleasePlusStackTrace/scripts/HTML2PDF-single-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      d943fbd7083a8530772ddcbbacb0daa1

    • SHA1

      b288200637dd01f5968ab0b08624648a05338963

    • SHA256

      7569f34bfd784f22cabd073cff7042bd912eef56dbaeda1ebaee4646c1f894b9

    • SHA512

      ec3b623ec3da4b1b30af4e008772e1a36a2a7d1fa4e1f889bc08c0bfca474a7c301b0ae132d3339439973870dcaad0800e507a23d95497ec33a89607048ec1df

    Score
    1/10
    behavioral17

    • Target

      ReleasePlusStackTrace/scripts/PDFMerge-pdfbox.cmd

    • Size

      4KB

    • MD5

      da5359a7bfe902ed99b3f7042542f4ad

    • SHA1

      720dcff01bb3735bf6c25ffa5de4d25b1bc55d60

    • SHA256

      7ed4ec705282f8a849737faa300c1b15d55b85015b13f57088b2bfb9d30c79c5

    • SHA512

      4d35663d2b3d158c274a7b9c7a7ae534f7e0bd08b61710b929047192366555c8d8dd0564b38aaac855ad7f03826c883359885a389a5fa76da410433f557e2868

    • SSDEEP

      96:3I2KVKTTfUBxfDeTPwogDtDsK2SlM0t68RM0RXx:3isffUzDe7woctDV3W+h

    Score
    1/10
    behavioral18

    • Target

      ReleasePlusStackTrace/scripts/pdfbox-config.txt

    • Size

      1KB

    • MD5

      38602b9770e1751a83b3472b82a95e62

    • SHA1

      119a7e459c664fab75e5b1c42090a3c79681daf6

    • SHA256

      bc888c1af2034978f1ec948c6525f1c86117681c0ab30b58679116415fa2a3d0

    • SHA512

      92d3e03d0f0bca06fa05c4f8f1a02ee252ceeb564b03708f7349824c998ed6d6defb3d9f3c883272f275db3f513807e7e00936ee6a9851e138bd3343c68de572

    Score
    1/10
    behavioral19

    • Target

      mboxview.exe

    • Size

      3.1MB

    • MD5

      c7e29e4879017410ee0d64f492dbc68e

    • SHA1

      73fa1aa87906c70151ee87f3fad371447518f1fd

    • SHA256

      38696c24a87fc5db0049bf159700e168f00f991cdc5f3db92e83c19928c27bc4

    • SHA512

      4923e9d289923d33d93c6103bd3c2be41dd0b85692a27b11066c2572f4714edaebcff4e24c1eb7633ad509cf01264882d9479acf33131c8eb44785ad826bbc96

    • SSDEEP

      98304:CSSiIAKG9a/xonPrcnCFF8nFPsbcr7ND4:CSlIxGEWn8FPsbu7h

    Score
    3/10
    behavioral20

    • Target

      mboxview64.exe

    • Size

      6.6MB

    • MD5

      bc2a11709ac3ad8a9ce16808d7bc676f

    • SHA1

      8083097367fca81db97a215fad11014493d22de5

    • SHA256

      808389a48e4b14fd2c6712151ee62cfddb472333b7de52d67734d890cb47c678

    • SHA512

      794e52239a6f67e8eae8f37f94b7f9250a70a98c76d9fff340789da0d48f46f5caceb299cdc81841f1edfd9f3f94a53677f199be6acda09d0d13d648991ec2f5

    • SSDEEP

      98304:oqa79d+VMkTsJ+Nb++bLy3w/iyt+ws1Wy7heYH0o:oqa79d+Dbh++bLj/iytMH0o

    Score
    3/10
    behavioral21

    • Target

      scripts/HTML2PDF-all-chrome-canary.cmd

    • Size

      1KB

    • MD5

      816c56b3ff94ff9041a3a6a73a1f7076

    • SHA1

      f77677efe826659b561fa6aea793d7575313021b

    • SHA256

      a26fecb4b814cb30cefaad74659a8f8af0da5e9736cb6045924e64a40f657442

    • SHA512

      78a7dca6fff4f5ab4cb0cab7a53a21657a61bef7941e49258e7a9a8a82bd409951f7a0e297c02f7b697150b3a056c28e6275f8ba726fb5657f6844773a7e4f0c

    Score
    1/10
    behavioral22

    • Target

      scripts/HTML2PDF-all-chrome.cmd

    • Size

      1KB

    • MD5

      54b1f51c8235370824cc362dda3d7265

    • SHA1

      8313ff5b1e7635c96594de2e588199f6fda932a2

    • SHA256

      6b11f42e26cba67d7f92fa637d33a92b97a3c4bc5957a99a7db68fcd608d6b0c

    • SHA512

      6d915190f779a38a954e4bc94293c0c1f4b8cbb79f5dc465b5f46a8aeb27f4fe1bb9421d78d35a67d2e3b7dd42257871ecd7bdadcadbd2fcf9bbc1b5e9cb77b1

    Score
    1/10
    behavioral23

    • Target

      scripts/HTML2PDF-all-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      12c5677e276e8a21d0275cef018a8a20

    • SHA1

      afd6febd736406a4417a9d1a4a1e3393a0fac073

    • SHA256

      906d0ae344887621fef863edf08179095dfe09f3a3d3134db4342cd23821a8f5

    • SHA512

      5672aae9d7f4d5be5d975f80b84ab37a4eeb8a66845633ac5431d5a5280fac51b876d2f07ea3e6438c10daad1dfcde76e6658ecca0442a133cb91c145c85456a

    Score
    1/10
    behavioral24

    • Target

      scripts/HTML2PDF-group-chrome-canary.cmd

    • Size

      2KB

    • MD5

      7a3ef9d8f8cfc6cf8c392d9ad97a2560

    • SHA1

      638aeabcc98bc50d142102bd15486b69dc7e9161

    • SHA256

      621dccaa1b415526d3431f8f3e65d13d3471d6b2be165ee6449029078f6e9998

    • SHA512

      aa88507ab4f5a137b31ec95b5bc5dffe3ca148ace745347dd480e556a00ce6e6bbfa2467bf0d319d53da2072a32887007a085c926c8d47f1c4f6a40325ac650e

    Score
    1/10
    behavioral25

    • Target

      scripts/HTML2PDF-group-chrome.cmd

    • Size

      2KB

    • MD5

      5e764cace79da5c45aba59f824d5eb99

    • SHA1

      990f394e544de7c59015b3bf4d6191d3327ac2ad

    • SHA256

      c9e4693ea00f148e1998308b3e262f52a035121459a9bc97c6284d72588b4d3d

    • SHA512

      bbbeba4bfb70f478d7bd34aa602a8098e927bc4bcbdc1793a180c681b13f4dd370cd5db6e60c84219f0aafb34d6ccea514bfdd529a00325527d4a2e73f33008b

    Score
    1/10
    behavioral26

    • Target

      scripts/HTML2PDF-group-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      3c28264936d7888db8c8fae0592b89da

    • SHA1

      18b99d0eb76d54698f440d1aaad718b7ec81a66a

    • SHA256

      9e69940c9f07d2d5f65ec03ff8b062a09f9402319a2357ab6b02957f636bd5b7

    • SHA512

      6ce111ec457ddbd3b40c515315d8a4345d78502ede6d50f0a3d986ac2f67010073b708414a0feb46e390f6bdd6a2b816b58a86e673dcea69f8a08c2196342d1e

    Score
    1/10
    behavioral27

    • Target

      scripts/HTML2PDF-single-chrome-canary.cmd

    • Size

      2KB

    • MD5

      5601ee4ad38d38ecf7194a592487284b

    • SHA1

      06db6f213f7fe9eebaa84f2cd37ef1d9c3af3505

    • SHA256

      83a06d574a1cce64446dc49a4de47daac4452f45fec1d42210a38d682ab494a6

    • SHA512

      daa9f6df248ab9a301a955ccb4704db62af76ff77b7491137b37fe4b249753667bf8635157fbaa9738e93f5f0411dd77fdf003684c4492b9e67bc69b77041054

    Score
    1/10
    behavioral28

    • Target

      scripts/HTML2PDF-single-chrome.cmd

    • Size

      2KB

    • MD5

      bd4446087015015b971d3386b7e8b9cd

    • SHA1

      b6fe725bfd96b294bc0cf5d59ddd79ece827a4df

    • SHA256

      1087c0e45edba0c798704e312b306b8795e6155ae83a603a29742c59288ad1cb

    • SHA512

      6ac8f36a3995e6168a43adb354af917410ee1a8d7e2a7b6b4b2199606f49d102ee6144ad9adbd9668c224bb42f26344a0332f42ab9dc350ddfb9ee60c38dfd47

    Score
    1/10
    behavioral29

    • Target

      scripts/HTML2PDF-single-wkhtmltopdf.cmd

    • Size

      2KB

    • MD5

      d943fbd7083a8530772ddcbbacb0daa1

    • SHA1

      b288200637dd01f5968ab0b08624648a05338963

    • SHA256

      7569f34bfd784f22cabd073cff7042bd912eef56dbaeda1ebaee4646c1f894b9

    • SHA512

      ec3b623ec3da4b1b30af4e008772e1a36a2a7d1fa4e1f889bc08c0bfca474a7c301b0ae132d3339439973870dcaad0800e507a23d95497ec33a89607048ec1df

    Score
    5/10

    • Drops file in System32 directory

    behavioral30

    • Target

      scripts/PDFMerge-pdfbox.cmd

    • Size

      4KB

    • MD5

      da5359a7bfe902ed99b3f7042542f4ad

    • SHA1

      720dcff01bb3735bf6c25ffa5de4d25b1bc55d60

    • SHA256

      7ed4ec705282f8a849737faa300c1b15d55b85015b13f57088b2bfb9d30c79c5

    • SHA512

      4d35663d2b3d158c274a7b9c7a7ae534f7e0bd08b61710b929047192366555c8d8dd0564b38aaac855ad7f03826c883359885a389a5fa76da410433f557e2868

    • SSDEEP

      96:3I2KVKTTfUBxfDeTPwogDtDsK2SlM0t68RM0RXx:3isffUzDe7woctDV3W+h

    Score
    1/10
    behavioral31

    • Target

      scripts/pdfbox-config.txt

    • Size

      1KB

    • MD5

      38602b9770e1751a83b3472b82a95e62

    • SHA1

      119a7e459c664fab75e5b1c42090a3c79681daf6

    • SHA256

      bc888c1af2034978f1ec948c6525f1c86117681c0ab30b58679116415fa2a3d0

    • SHA512

      92d3e03d0f0bca06fa05c4f8f1a02ee252ceeb564b03708f7349824c998ed6d6defb3d9f3c883272f275db3f513807e7e00936ee6a9851e138bd3343c68de572

    Score
    1/10
    behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Credential Access

Discovery

System Information Discovery

11
T1082

Query Registry

4
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks