General

  • Target

    tester.7z

  • Size

    134KB

  • MD5

    afadb17f53fef6c11a567f266b308f7f

  • SHA1

    e8b199dc73ba2c9e9ebe0e9b3c58c3fab2a05f34

  • SHA256

    473945c17be8d315270500768fa94e061a8a947e8f34a6734cbc2e7cb4127d65

  • SHA512

    f70dab51e21148f59e5d6536e5fcb0bbeca9eada9012c2cdc11c81e1b7280c94a67d29036aea19cf13256b8453d38e86e8b175b0c526e730f46ca2e7afec8b9f

  • SSDEEP

    3072:yhQ7ZIdHnHTjUpx3aD6Dw7tuHy4A6qI2nt+KLuNMfI:yuudHzjUpfWkSL/4QQMfI

Score
3/10

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • tester.7z
    .7z

    Password: insanepassword123@

  • DANFE353790299485523.iso
    .iso

    Password: insanepassword123@

  • DANFE353790299485523.pdf.lnk
    .lnk
  • DANFE353790299485523/DANFE353790299485523.exe
    .exe windows x64

    Password: insanepassword123@

    272245e2988e1e430500b852c4fb5e18


  • DANFE353790299485523/DANFE353790299485523.pdf
    .pdf

    Password: insanepassword123@

    • http://NF-ewww.nfe.fazenda.gov.br/portal

    • http://www.webdanfe.com.br