Resubmissions

14-06-2023 00:49

230614-a6lm7acd45 10

14-06-2023 00:49

230614-a6ejwacd44 10

14-06-2023 00:21

230614-and6dscd27 10

General

  • Target

    Allergies List and Allowed Substances.numb05151.pdf.zip

  • Size

    16.6MB

  • MD5

    d3bb51283dcf2658026fbdacdf3df32e

  • SHA1

    a05f9a6bd29a4b28066dc6b1575fa4945ef86650

  • SHA256

    cd83427b301bad7fc71f23cb121a4c41483b2f0278c54e9595583e8f2865f004

  • SHA512

    b80b527cb7fb762d78893be87fe00f6827418cfde6be4ba929d1ba725f0d2c06e0cf861a93fc90bb20161a2edf30162e29ff10c344bb582a897664ffe30f2ad0

  • SSDEEP

    393216:z7xPhHoZMb512lSjxU9LVbRyCqBYa5o4CPMscWpmmaivTCzn:/lhH7Ljj2FhcG4Njy2ivAn

Score
10/10

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

  • Dcrat family
  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Allergies List and Allowed Substances.numb05151.pdf.zip
    .zip

    Password: infected119

  • Allergies List and Allowed Substances.numb05151.pdf.scr
    .exe windows x86

    Password: infected119

    f34d5f2d4577ed6d9ceec516c1f5a744
