1c371280ef5ddb832d5534e015869a5fe79a379649c64b69160533b81a219e46

Sharing

Copy URL

Twitter E-mail

General

Target

IAMLIVE.zip
Size

146.1MB
Sample

240603-s71slsce68
MD5

95fd8968a0f7a03e641a5d8e5f472a56
SHA1

fd2c5854190959b8d95b0035e7df882cd1e3d545
SHA256

1c371280ef5ddb832d5534e015869a5fe79a379649c64b69160533b81a219e46
SHA512

361d59b762097ab572a27467847d42059884dcd7118462b6d4f112ebe7c1b3453c6644bde9c2e30b5a595a9f74013083ab88fd894d222cdde94cd4c78634c131
SSDEEP

3145728:6EiLGYHBpIUv2MGmmkNt79qjjnorqCQh4mZusAX5+0k5Ee:2hpIUxGorrqCQhXZnme

Score

4^/10

link pdf

Malware Config

Targets

- Target
  
  AIR FORCE/3. TMQ53 CLS PWS-RFP.pdf
- Size
  
  767KB
- MD5
  
  b7c30145c5493721dfdd6f0a4f15ae6e
- SHA1
  
  4ae0509ff15e2a848e06f98419a8a616ec41aaba
- SHA256
  
  0ee6e9a57b5bc92321caa60cd6f060a6de0d85f8f741ef96be818730f94d5c6a
- SHA512
  
  7f33cf8f9e6420080f5a292673d5bd12f45bd590b788c4117ba6f26426278579b132f9eabdcf91883fec75195a0487dadc4bdbeb026e9d258bd2e01c82a915d9
- SSDEEP
  
  12288:X6ri13c02xO4sXCoDoRfs6fajcrFhLfBH5BxdlsRwcJ2fGkp6Vcv1Z6YNZd91YBq:X6+1WOVvDodCjcrZXlsqK2jMVcvz6qZF
Score

1^/10
behavioral1 behavioral2
- Target
  
  AIR FORCE/Attachment 0013g - D-IBCS-0471_Delta2_Suppl_PE_redacted.pdf
- Size
  
  780KB
- MD5
  
  2c068bf294f9633b06a24d1c79adc989
- SHA1
  
  d88e299583a9af64f0210727414bc130eb1229bd
- SHA256
  
  43a1608ddf6c5f6285951af667018e1d8e6e0b109c7c0f85f0bd1d256b7f2ca2
- SHA512
  
  00d93dc21e95d6a8caa712a54d9adbab8a54690b945ac4df7d73cfd95323cd3d3b2fa7b4ff22017ffcd824ac9cd0caec11be810041911956913ec93b7236c166
- SSDEEP
  
  12288:TBahTaBfL8AK0JVyhbxNy4/67INUxMuyLctd8Rd8LOrx4Xihepk5hvpQ+:9a4foAJJybTy4/mIyLPS8LOVXepOhve+
Score

1^/10
behavioral3 behavioral4
- Target
  
  AIR FORCE/Attachment_7_-_Compliance_and_Reference_Documents_(DRAFT).pdf
- Size
  
  357KB
- MD5
  
  6cfcce9bb7c56da30e81bca075f0f2e7
- SHA1
  
  ba276b8427206ad7862af030ea9cc3fd27b33cd4
- SHA256
  
  3f4e2793786cbb1707e2bd405da4e874f5b5e62101cfafaa682bf88eb8c1d739
- SHA512
  
  15074210cd138b83d65669f44035c858f899f9dc376f3cafdf906a0218ba1f2aac11c269ebbc979e9fda5eee8be881676800ecc9f37f3fe8ab7efa060868ff7b
- SSDEEP
  
  6144:8LNyHaPTd2LM/hT/DR0nbn8svY5/d3rJkPUlf/ZLgt+FSvzLd+JRLfg8gwlUAu:aou+chTbR2b3MCUfgt+Wz5SgBOU
Score

1^/10
behavioral5 behavioral6
- Target
  
  AIR FORCE/DRAFT JNWC-IV-IDIQ Work Statement v. 1.pdf
- Size
  
  467KB
- MD5
  
  50153fceccba5ba913d3e2b4ac5307cf
- SHA1
  
  0117104d3711bbde72b1113642f17e5beb0cd130
- SHA256
  
  ad1cfd694764b133bd99502692d7a7ae80cf7ff14518e312304ec1b21ad9671a
- SHA512
  
  a587cf3ec68a2ae527bb0883a8eef96c18bd20c719551a405277bc6f4d6c50ccf0bf9e7abef792a442398206eca2128030d7afc60121bdf2bddeed40027dd96e
- SSDEEP
  
  12288:hiCYmLjV2CrpCuJRF9zFt+Xbnej8Ax7/OFN5c:SmLxTAiFcX7eIAx/ONe
Score

1^/10
behavioral7 behavioral8
- Target
  
  AIR FORCE/Draft GRIM SOW 7 Nov 2022.pdf
- Size
  
  547KB
- MD5
  
  f2960ff82d36a81e4c1984d46faf27e8
- SHA1
  
  f1105b203f62368c2728745cb63099a781425357
- SHA256
  
  8c768d7cf361ef2d214b64c3e57a08bdf21ba8871dba9e77f826044646f25341
- SHA512
  
  d664320fa63f2ae50a18c7b95fa4933d8308fb1a5b033889c77870329da6ffce4f2e88a2464ad66279f5cf8e61f7a3999238685146f1d55ced815758636f6903
- SSDEEP
  
  12288:fo2fadcsVXTFlSk5umOTKo53RZtLNaPYor2u5SzL:fo2f8nrpOT55ZNaFCQS/
Score

1^/10
behavioral10 behavioral9
- Target
  
  AIR FORCE/FTUAS Applicable Documents for Reference.pdf
- Size
  
  173KB
- MD5
  
  ee62cd69484c60e7bd38d4115f6504a6
- SHA1
  
  b2b57f27c60f405a3abd7859d327408138b479de
- SHA256
  
  cba662c8222e421a8fc3bba170e189fff59d3f1b141083d7f3b3c9946d71dabd
- SHA512
  
  e80bb98568b8848ed8e73a89513b231ee11f453a62b4417051cf34b20befacbd403e4160d4a53add163250ea89f0474856bb9b5f508399891437bf2241f5de21
- SSDEEP
  
  3072:vDPhba692/B4gDEMVrRbAED7pJdEoFvB5+Sm7CNW4ajbc1fo3dQfE/u2RB6lnAMH:v1bp2/yUrR8EfpJvFphm+NWVjbc1EF/g
Score

1^/10
behavioral11 behavioral12
- Target
  
  AIR FORCE/GEN-12-AMAM-02.pdf
- Size
  
  123KB
- MD5
  
  6f2d44248dac1de7184107c850b76ca2
- SHA1
  
  b7548cfb27b1e41853ff18b8e23e482796c5859c
- SHA256
  
  72c7c7833f2572f9e3415b942ae65936e6849f8cc7fc682155a72937d36fe44d
- SHA512
  
  e11d4aae4dd808d9d1ba528e7426645694c87e531ad655b6059139f0a802dc3961d1aa40174a633c59dffc161f8c70cdf5d5fdb9d5fe7e79b1f679bc2bae228c
- SSDEEP
  
  3072:3vzI4Ai/ax66fkkNsp7ntYTtyqpvkqW0ei8s/tMLY4:3oi/e6gu7CT0qpvk4Fx/tMB
Score

1^/10
behavioral13 behavioral14
- Target
  
  AIR FORCE/HSIP_FY21_SOW_BusinessPoints_20210105.pdf
- Size
  
  865KB
- MD5
  
  cb1d711143d989972ba6fe98ba2d0b13
- SHA1
  
  04935de584e065b77d2377180e1bf7b1e5cb11ab
- SHA256
  
  0ffcbbb960a9f3b55eb047b01d5553e6e431c82f6c3312fb09b4d36b15daac8f
- SHA512
  
  e74638003636d0accb27002799518824a689db08d9b052ea42bbaf79d360c1e79bf17ea86dd72301841e0de54108202295cfd53c0b83c3db147f9dc2d88e355c
- SSDEEP
  
  12288:1J36aYpa96/8wsO8OKDihujrCiIhUfQNd6mFSqrAuH/sFuhgXikXT+5l6lNRWqAe:TT+aMhsO8OKD+NLFSOEm/kL3WlSB
Score

1^/10
behavioral15 behavioral16
- Target
  
  AIR FORCE/HYDRA PWS_Draft_RFI V1 .pdf
- Size
  
  1.1MB
- MD5
  
  b672eda48c239d30bb8c567f6cd78db2
- SHA1
  
  012efedfa548fa45d59ca2ed6b0a517fc2d3194e
- SHA256
  
  07a1274c8fc7532ece76113ef7636b43cc8b9bf874b8fe80d7f637903a4446a4
- SHA512
  
  a5d3f883c9528452c175040bb8fe298ae6d29d18ecf72390044cabe5fc9d122c06619dd7c93ba4cbcccce438d0054ad252830c81f241f383edfe8f7410eb6fbf
- SSDEEP
  
  24576:aHHSsUB6uqSWaiKCAo4oHcVvCOnxXUyQ4FuIwSQSD3kn5olO0CG:vB6bk9oHcVlxXUyQ4ZOSDe5j0CG
Score

1^/10
behavioral17 behavioral18
- Target
  
  AIR FORCE/LCMP-IDE_Follow-on_Exception_to_Fair_Opportunity_Justification_(004)_Redacted.pdf
- Size
  
  856KB
- MD5
  
  47078052d5ab665b327be8e36a6599a8
- SHA1
  
  dfb8db0769a680baceba07f07d15ab2dd6d44baa
- SHA256
  
  c5cd043fb57b0ff49d539ba937460c8f048c03984bccd544b9a0a8010e8b4cbf
- SHA512
  
  3592af9494cb8c1e51206aaf1b09f7cda203f06d44c94bbe46a5ba56dd98638bdb8676778b8ed50f19dec47be497dd6d3a75618d7623b0a657b9196239a10b67
- SSDEEP
  
  12288:DccFx6IUA/GREWcchalfMj+BMpWccc43WeEImLgjVccJIhGcdvQEzs:DD0IUDgCqJ2xeB6gjVyrds
Score

1^/10
behavioral19 behavioral20
- Target
  
  AIR FORCE/PBL_PWS_-_DRAFT_02212019.pdf
- Size
  
  1.6MB
- MD5
  
  c7a11e1abe0c4fde829d93c58451fb59
- SHA1
  
  08c7d69c371f72358df2cfad1673fec35f1e2872
- SHA256
  
  275933d39e504e7973e622ffe34370fef53cc0769dc8a11cdbb50c0cf5033d17
- SHA512
  
  ace47493b4c9877f8c5df2f4f70aff4e32de702807f5b7efa5a8fd474de4944f43941e67bfd9029db3adc57b62f0c6555d24f30d026a7e9d9510c3aa8c21133b
- SSDEEP
  
  49152:oVrgYtrnXvvv21wGVkz8iIjhfSw3c8YVxJBeggqZ0L4g1d:o5gYxnXvvv2yoViMhfSw3cRVxuwC
Score

1^/10
behavioral21 behavioral22
- Target
  
  AIR FORCE/PSIR-APC-01 Industry Day 4_21_2021 FINAL.pdf
- Size
  
  2.9MB
- MD5
  
  18e6f51aab76cbe5a027e38bdb09b5b9
- SHA1
  
  12195b7480e3b55df22b8aa7906ab4aa65960c24
- SHA256
  
  fae4e2f420286950099b861a622fd196df4ac3390bb8a54bc63bc7bd964da3f0
- SHA512
  
  2480158f8dbcd92ade8ad5e27dc218cbe8016bad936bd4ac304a631b17b50abc6813528c5ed34362053d358b8a9dfb5b3354e23a5df0eef06ef59c95dfe5c710
- SSDEEP
  
  49152:AukoukOukgukJukNukEukVukJukcukLJoxZ8uk+ukdukRuk+6ukNukXukDukFukT:AuTuJuVuwuouLuUu2udu0JW8uRumuAuI
Score

1^/10
behavioral23 behavioral24
- Target
  
  AIR FORCE/Polaris_Draft_SOW_1_Jun_2017.pdf
- Size
  
  319KB
- MD5
  
  e16f3b89dd68e07121e380ae2d6a4354
- SHA1
  
  31209a9c945d7db5014023eeb8009af145c0b8a5
- SHA256
  
  998ecbcc2280a2eebb898ce12bbd313e4974bc76ecf80b5d284dab5bd6487c80
- SHA512
  
  d50485c08d88909db2b90c0eabd84dbd38d6af1836fb01b6ea8d846b83b197bfa2c731da0ce4a12e45179a7edf6e13b9a5eb02f35134d225bafdfa36b3363cab
- SSDEEP
  
  6144:MMq6EVB79QmuJjdmU6ZYlVqzcD4xz7OBycjrJ4qBFwscAcmo9BhBMt5Upqcz5SZ9:SlhQTNg0lAzcDPycjre4FwstPOjBVpNc
Score

1^/10
behavioral25 behavioral26
- Target
  
  AIR FORCE/RFI_FMI_11192020.pdf
- Size
  
  417KB
- MD5
  
  8aef27720b4e740ead011f2624f2d0fc
- SHA1
  
  cc065d3afa119ad22ba28179a07f9614f5e93b80
- SHA256
  
  7615460c18ef1cea24ebab898798d77dc68d5e898901d6472d1a7c996d0edb34
- SHA512
  
  1c514094f8529b6437e7b11c2cb39063913232e820fa11667765740f275e906727b73bf170a4edf5589ef33e325de0984fdddd21e2bd54b6e6969e5bbb0e1398
- SSDEEP
  
  6144:Aee+M7cnlrFZf0egF22XOKXByt5m4+XZzVb2r1CuTEsDdGrtYliDkLCpdO4GDcj:Avkl3f0eEKKIm4+pZshgf2liDkLnnDm
Score

1^/10
behavioral27 behavioral28
- Target
  
  AIR FORCE/Site Visit Sign In Sheets.pdf
- Size
  
  6.5MB
- MD5
  
  222bc41d73b52c4689f6d1524b38c48d
- SHA1
  
  e79ae0bec0a6b4bb2500849e8cdb2b3c3d967c6f
- SHA256
  
  771c6373bbdaf5bfbc254c99912629d6d6f941d50881a93d2151355d8dcdb481
- SHA512
  
  4e0a7ef451bceae74c3357e30f81decbfed662bfd2af7899f0ae60694dd6a75e04ffd94148126569f93ca198f6495767dee8c66a6e433b514ac7a924c0a786cf
- SSDEEP
  
  196608:ku/k5gVOzFA5feU5Zaps5ypGdijk3FdEkiW:zMO8RSP5ZGKy9jeIW
Score

1^/10
behavioral29 behavioral30
- Target
  
  AIR FORCE/VoICE Industry Day Presentation 20200930.pdf
- Size
  
  1.6MB
- MD5
  
  667bf7b0612830d01ffc24c5c85318dc
- SHA1
  
  905094931500195bcdb9acb5ca8f192dea9bb6bf
- SHA256
  
  cb0fc5ce4080c14d8ea2226359d4bf54f5e6af2808c3574c744c541a4bc39bc2
- SHA512
  
  1ba041af5d2b40a50d9fb0536cc8b904526d17a869272def15e35d11ecadf8a00eec7196fe6835de338c2d382710bebf78d1526324e13ba1c5ba501989368823
- SSDEEP
  
  49152:uaY1aSaWaluuao7aGqaCa7aHawa6aTabJ7/xa5ayaBaJa4ara0a+a+ayaqaVaFal:uaY1aSaWaluuao7abaCa7aHawa6aTabC
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32