Resubmissions

18/05/2023, 14:57

230518-sbp18scf93 6

18/05/2023, 12:45

230518-py1vgahg2x 7

18/05/2023, 12:32

230518-pq1vhaag27 3

General

  • Target

    pdf_Setup.zip

  • Size

    652KB

  • MD5

    fa13b9c1fbc38717eef1f86da5200acf

  • SHA1

    0aeabf8defae419c3833131b40faa67fb07510ef

  • SHA256

    7812c9ef29870bf006b8480958738bb7525b4a737417fc2a337b86eaad5ad7f5

  • SHA512

    e731e85613835cf0f6edb11d31edd27deaa177943e4b18b4802ed4035d9e9a1965471a0981a9303275e5cc24120a66792f1b4500903eb9ea336cce8d94bef78b

  • SSDEEP

    12288:ZNlFVhljnIpv/FB/Ml/0pXfe0hOnOiTjSVSZtjCteYJaFkKKNIPRyWsMMzGK:x37Kv/FB/M2RfvOnO0SgbCteYoFUIPRM

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • pdf_Setup.zip
    .zip

    Password: infected

  • pdf_Setup/Public/Program Files (x86)/mis.exe
    .exe windows x86

    45b28e24916f7e7b4e42369bb7ceabbf



  • pdf_Setup/Public/Program Files (x86)/xweb_bridge.dll
    .dll windows x86

    41c5dff3ee77f7ff7fc4e9d8f76eab56



  • pdf_Setup/Public/logo.xml
  • pdf_Setup/Public/oks/pro.chm
    .chm
  • pdf_Setup/Public/test.txt
  • pdf_Setup/Public/windows.lnk
    .lnk
  • pdf_Setup/pdf_Setup.exe
    .exe windows x86

    fa0e8e3b120ac2020107eb5ea144c4a2

