General
Target: 475128640_20231129152352507pdf.exe
Size: 655KB
Sample: 231201-hmttfsff47
MD5: 4603b3b3b4ab4df6f9de5e6d5fa185fd
SHA1: 5521fce0bb45ee8c7a399446f4b588c7324d79dc
SHA256: 43acec52a82b408f6b5dc63f194f192fd83ce974960146540170b53090c39029
SHA512: 0b6b95fe888aca890a0293d0d2369919f8f2ff46e11cd8b6771545206db3b72e792600bb338e587daa889f64cdc31fcc5f0f0af81bf401e314132befc58547d1
SSDEEP: 6144:RmOPAPZVheNA+ff03sP6IKC1J5zsGitKXtnIyglMbsgHvLz3ZST70mw21NKl1+Bu:knhe2easP6A1J5xi+nIR/On291YLW
Static task: static1
Behavioral task: behavioral1
Sample: 475128640_20231129152352507pdf.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 475128640_20231129152352507pdf.exe
Resource: win10v2004-20231127-en
Malware Config
Targets
Target: 475128640_20231129152352507pdf.exe
Score: 10/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext