General
- Target: Request For Price (UKIM 2307-11MK)·pdf.exe
- Size: 1.0MB
- Sample: 230711-qv8xcahc89
- MD5: c87053a08911a3e955800ec9459ab351
- SHA1: bd5a1fcb9a8976231212c8164adec3b3146b9c58
- SHA256: 6aa0f617858116f47259be57fb9063c77652fffd2aeb11066340bf984f45d1c7
- SHA512: 8c495f4a1330c1d9bd2586d496d655b0b9ab7c3d02f39bd4d8556f7592cd9c4099a360aea94fad3d8f213c203817dbf289191bfb58392dea93983a7d3aa5fedc
- SSDEEP: 24576:whlXrP+f9VlvfE0ZGx2Zw1NGANvqYzNYvZvi3ZaE:GXLGblcKwJiYzuBKpD
Static task: static1
Behavioral task: behavioral1
Sample: Request For Price (UKIM 2307-11MK)·pdf.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: Request For Price (UKIM 2307-11MK)·pdf.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
- Target: Request For Price (UKIM 2307-11MK)·pdf.exe
- Checks QEMU agent file: Checks presence of QEMU agent, possibly to detect virtualization.
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext