General
-
Target
LEIDA IMPEX SRL TRADING CO.pdf.exe
-
Size
841KB
-
Sample
240124-l9cegafge7
-
MD5
794249309b980400d270115d32649018
-
SHA1
fd135525f55f30d5797332b55831bd2e598ffaa0
-
SHA256
fa4c8c4fd3ad0008d15bcd71e575130151f5f211f7b1fd3e4c934e68f9ec5ad7
-
SHA512
30048477b75d1921b4afe7d436f93e44b4f3b46590240bac36e4784ad3d67d74dbcca1807c4ef930dddf2e284a7706f0163cae531ab718d107a7acfc5cf91eeb
-
SSDEEP
24576:Gjru8aqNT6YIXuoukhwAnuS56olIxpMp:GjrujGW5nearNl5
Static task
static1
Behavioral task
behavioral1
Sample
LEIDA IMPEX SRL TRADING CO.pdf.exe
Resource
win7-20231215-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
-
Target
LEIDA IMPEX SRL TRADING CO.pdf.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-