Analysis
max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20230712-en
resource tags
arch:x64 arch:x86 image:win7-20230712-en locale:en-us os:windows7-x64 system
submitted
19/07/2023, 12:46
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
confirm order.pdf.z.exe
Resource
win7-20230712-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
confirm order.pdf.z.exe
Resource
win10v2004-20230703-en
13 signatures
150 seconds
General
Target
confirm order.pdf.z.exe
Size
590KB
MD5
748ec8e8b465e07469d5fd92a2ae365f
SHA1
0680fc0f9ccc8d15990c415ddb876b909bda49fe
SHA256
96f6d5e92907e880383195044e0481a9afbfa675123f86dc25b643b42c22ba29
SHA512
3d65813c5adde583a9a98f9466bf3bc89173d89ec71a3f3b5f22e1a414e93ae323dd5f273645c32a490469dd5fb39a5f9b8331b3f642158c16953ab07310d6f4
SSDEEP
12288:NSPYPfY713dxbzSlgpMAn0v4bk5ZgWDoTgeBPYo2XRtNs3ZY7:EPYPgR3dTpZXwgtTJJYooFs3Z
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
pid   pid_target  Process       procid_target
2552  2468        WerFault.exe  27
Suspicious use of WriteProcessMemory 4 IoCs
description                       pid   Process                  procid_target
PID 2468 wrote to memory of 2552  2468  confirm order.pdf.z.exe  30
PID 2468 wrote to memory of 2552  2468  confirm order.pdf.z.exe  30
PID 2468 wrote to memory of 2552  2468  confirm order.pdf.z.exe  30
PID 2468 wrote to memory of 2552  2468  confirm order.pdf.z.exe  30