General

Target: PDFCreator-5_0_3-Setup.exe
Size: 37.4MB
Sample: 230125-qsdnesgd26
MD5: c3441267a4f584f649c9154a2442057b
SHA1: dddde15b0ab014f81a9cec227101843a3da9bead
SHA256: 3066d8aee375735ae180cd83974d6a72f98489736e59333798e458e383d2b718
SHA512: 3dbd9d39eb4011e92c225ae4b990ab7be371c5becb808f68a2aa91b5cd699bdb9b7f4b1f8e6762713ce22dcaa81e90cdcde481e57904f799dcc46843b67da9cb
SSDEEP: 786432:8xqKeUCAOBiFZl2VtgCVS5kyoUoPQJ9XWwEkwgLKaYqRAS:8teNpiItgp5kyoUoo8pgLKaVW

Static task: static1

Behavioral task: behavioral1
Sample: PDFCreator-5_0_3-Setup.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: PDFCreator-5_0_3-Setup.exe
Resource: win10v2004-20220812-en

Malware Config
Targets

Target: PDFCreator-5_0_3-Setup.exe
Score: 8/10

Downloads MZ/PE file

Executes dropped EXE

Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.