General
Target: Factura.PDF.rar
Size: 203KB
Sample: 230130-ryjx3aag27
MD5: 9ddb31cf7f924a5d729182cc171003bc
SHA1: 4ff99d6e73bc571a93967eb7fb6ce442446aafb8
SHA256: b63e47f43607cf318bb4d8d857f65e1a105b8a1b9cfc0e670a45c4730d44eb30
SHA512: 93d7f8c07ebc6afd5d70b38784f92c5c58ab6d386ec654d11274bde5806c6ab8a23a68714976e74f218dc7548b614e6409f0e85515f69cd877dbacdb7844eeb2
SSDEEP: 6144:oXtpVrfubin6I7s2H4TaJG78b0C8MABb6ZLb:o9p56osBdvrB2Zf
Static task: static1
Behavioral task: behavioral1
Sample: Factura.PDF.vbs
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Factura.PDF.vbs
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: Factura.PDF.vbs
Size: 330KB
MD5: ed0e0f21f05f2cb8532be52cc4662e68
SHA1: e1e82fbd824112be8a18053a4c7475b78d64806c
SHA256: 02912e9095dd8683352dee911328ba880510bc366bf9d4a7a56355328b49e2a4
SHA512: 32286c555502e5eff6b0fa84d3f5de4953549bf253709deb535682817d4418fb9e7f6513686b42febe58238bbdbc52d604e559c32aeeefd7419f6accd12bf9ec
SSDEEP: 6144:ryK21aGtlv9NMLTReDutfjc6314t7ByaqOH9YNodCcmyvviq:rt2AclYkulIg12BT9Eo2Od
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.