General
-
Target
FACTURA_SIGO_EVERTHGAMBOACARRILLO_N°568665625400022.pdf.rar
-
Size
14KB
-
Sample
221007-tqthmschb9
-
MD5
0f8e72e7fb1d3489cbf07476fc83ed85
-
SHA1
277e2c9f6e375d4ed05a540e35d67879316387e7
-
SHA256
78ce252e70915f779f723963a941720a7e79b2222284538a4f6f99c0f7d39649
-
SHA512
5e815638745a9042b0aaf01b3189edd53d1b31b3ea777f9dc00475183eda8766568fb47c6251abe0e3a1d54be832a4fbb959dadc4efbf25fe73e19389a6b97ac
-
SSDEEP
192:IWR+IT90fKCr77pbX1bbSKUu9XPGdZKTsoPGdO9rxtSOEJuHFaXf4l+tOk1IvRAr:IA+2afLYV9aTHH3IIFCff+E1eB9YmHG
Static task
static1
Behavioral task
behavioral1
Sample
FACTURA_SIGO_EVERTHGAMBOACARRILLO_N°568665625400022.pdf.js
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
FACTURA_SIGO_EVERTHGAMBOACARRILLO_N°568665625400022.pdf.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
FACTURA_SIGO_EVERTHGAMBOACARRILLO_N°568665625400022.pdf.js
-
Size
29KB
-
MD5
96f834f41f5ff93fcea742d15be92139
-
SHA1
53edda700bf5c1911d1b8be17904d748713b2e5e
-
SHA256
cca235186ef2603aea1f9cb09f5f6a302b1391ba8e36ffffead352c8a2164db5
-
SHA512
1efc91ecb8de613928ca309a012bfcca42365298855f104de71c625f742383522e1b14b90e8d00da83ec7759e3ff34b1931e12281e027a3c7839dd31425c7dd0
-
SSDEEP
768:d+5P/OTIE6uwBpa4lUKOITIW4/qj7/WsPk0JR:OwqBM/k/WsXR
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-