Overview

overview

7

Static

static

3

Facturas P...__.exe

windows7-x64

7

Facturas P...__.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Facturas Pagadas al Vencimiento.PDF______________.exe

  • Size

    306KB

  • MD5

    ccde7391f2d26c2a6a5c3296a76560a4

  • SHA1

    27b5741b476406da1aa71afe0d1868fc3e59e747

  • SHA256

    f96b03987d5a39f6d1172f022a2e3bf15a31c18f5b38a5ce77c682c36dd791c9

  • SHA512

    b6e35010effa9fd777ed5c34be1cbf2842e9753d4c5c82ca797c4baaa1a50f5461aacf67742c14ec4ed18953b18e8feb62e01b7aaa980d815ba5bda34daa31c7

  • SSDEEP

    6144:oyIF6BJI9IPiUVBIMSCymlNrrvFUAP308bEpc2K14W1:DHIhUVKmlpjFfP30kh4W

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • Facturas Pagadas al Vencimiento.PDF______________.exe
    .exe windows:4 windows x86 arch:x86

    b78ecf47c0a3e24a6f4af114e2d1f5de


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    46f8b6973f33717335c0f6d8087de67b


    Headers

    Imports

    Exports

    Sections

  • Begyndelsesgrundes.cal
  • Ingenirernes.Int
  • Klasseringen188/grundprincipperne.unp
  • Klasseringen188/krydsogtvrsopgaves.pos
  • Klasseringen188/marsupialian.tel
  • Klasseringen188/nako.cap
  • Klasseringen188/outswearing.for
  • Klasseringen188/subornative.gru
  • Klasseringen188/tetanine.ilo
  • Phragmocyttarous.Pre
  • Sojourning.mak
  • Styltegngerens220.out
  • abased.txt
  • clupien.ind
  • eksercerskole.mat
  • facileness.bag