Behavioral task: behavioral1
Sample: f3f317ea19a53dd4246d3d1955905247c38ef2f3b1edb1f0aacec8a8c25ec133.pdf
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: f3f317ea19a53dd4246d3d1955905247c38ef2f3b1edb1f0aacec8a8c25ec133.pdf
Resource: win10v2004-20231215-en
General
Target: f3f317ea19a53dd4246d3d1955905247c38ef2f3b1edb1f0aacec8a8c25ec133
Size: 13.8MB
MD5: 9a04436491a27dbad956ac645fd9eccd
SHA1: ae11f546f88f71abad791d5ce65fdc2177cd2b80
SHA256: f3f317ea19a53dd4246d3d1955905247c38ef2f3b1edb1f0aacec8a8c25ec133
SHA512: 64ebd257ff5a59702203b18a52c5602b4eb30e7f28981b322e3abef9e8f70cd3bb1c4e1237872887eb19be10d57d78386e2aeb6acfd9eec1f92484928d1c12c1
SSDEEP: 196608:EwXBZSkw+9+WjrBWHHn3GyPtVxlWQTvrgLwMKkNfm+w+EUdrn00:Eqg+9TeXXPplPjrgL22O0rf
Malware Config
Signatures
Files
-
f3f317ea19a53dd4246d3d1955905247c38ef2f3b1edb1f0aacec8a8c25ec133.pdf