Overview

overview

6

Static

static

6

WriteDown.pdf

windows7-x64

1

WriteDown.pdf

windows10-2004-x64

1

access.exe

windows7-x64

1

access.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    51de377c6243fab37dac4b45f824aca9

  • Size

    175KB

  • MD5

    51de377c6243fab37dac4b45f824aca9

  • SHA1

    1e5f6f6355634cedbf0aa8e94a55233190a53ccb

  • SHA256

    a6d15afad881a66aa90907f8a1e236b56c1471b8c6b2efc86c1647713e92705f

  • SHA512

    34eb798ca546536ec2bce9ef458019c4f6b7c7d8867bc26e7335dec696d4584072395c747e03b878a1266ebf40417f25a8770882a73472cce8d8eeeaffbc69fc

  • SSDEEP

    3072:XnACfUbfgeE2Bb5iEbHqMQGSvASnK9LB7AuJiLcadu2aVxtopYfiyf5:XFqgej97KLGSvASnKlB8BYfLB

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 51de377c6243fab37dac4b45f824aca9
    .eml
  • WriteDown.pdf
    .pdf
  • access.exe
    .exe windows:4 windows x86 arch:x86

    6a38c3e645463a24bd5414af59483560


    Headers

    Imports

    Sections

  • email-plain-1.txt