Behavioral task
behavioral1
Sample
4a9a2c2926b7b8e388984d38cb9e259fb4060cccc2d291c7910be030ae5301a3.pdf
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4a9a2c2926b7b8e388984d38cb9e259fb4060cccc2d291c7910be030ae5301a3.pdf
Resource
win10v2004-20240802-en
General
-
Target
d3d64e1600d322dc7b3083c2406f1871.bin
-
Size
180KB
-
MD5
62f4c5b29dd3de412615e7f6392ff20d
-
SHA1
32e1679cae96a8b5b2d17767d27585c4ef00edaf
-
SHA256
8dc758848690cf20944372fb284e4abad561dcbfef23de197c7bf8929f7aba40
-
SHA512
c32bebf4c6a49fb949ac3f30c0cd967abb47c6f315303280c602418cb952cb3c42c7a01ecbfe68e0ed373ea653ac3eca030e28b84bba236a0c54c3792013dece
-
SSDEEP
3072:R5f7mwozEj2ZotUF9GSDSu/dePkNr/Qual4q85//AdWrMg1KntZU9NYGsCHMWiKd:R5qnziq6UFHDSuY8NzQzlC5HAdWQNkYa
Malware Config
Signatures
-
HTTP links in PDF interactive object (1 IoC)
Detects HTTP links in interactive objects within PDF files.
resource yara_rule static1/unpack001/4a9a2c2926b7b8e388984d38cb9e259fb4060cccc2d291c7910be030ae5301a3.pdf pdf_with_link_action
Files
-
d3d64e1600d322dc7b3083c2406f1871.bin.zip
Password: infected
-
4a9a2c2926b7b8e388984d38cb9e259fb4060cccc2d291c7910be030ae5301a3.pdf.pdf
Password: infected
-
https://account.protondrive.online/QYsUdBqi?b=kteOTy1XtwcvGryOBwHRZlU75fCNcVM6rKMeX5ClCqDRIzIbRi2i1g