General

  • Target

    DesktopInfo3152.zip

  • Size

    10.4MB

  • MD5

    df2374443286d570a259a647fb98f4f8

  • SHA1

    0d83d3f2abda8672bc87df7f5ae349a760b16acd

  • SHA256

    cf773b75a0cd32d7e0f5eb3e9efc7c8b483028b82d3186f95d50989f6fee91c2

  • SHA512

    42aec18b7614329871f69b7ae066b14f3a3d9fb3449a2a615d1cb229baedd136e70daff078e492fc29468b487f3a589f9c0a42ea5d6fe3689ce16abafbde0e08

  • SSDEEP

    196608:1rC3tCftTlYhynrO8j4q+Seprc0Ue7fKR5pHDxySnKz6zGyu74n:1rCMVTlYor3j4q6pwO7fK7pjcSn46CEn

Score
4/10

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE 4 IoCs

    Checks for a missing embedded Authenticode signature, i.e. an empty Security data directory in the PE header. This is a presence check only: it does not validate a signature that is present, and an unsigned binary is not evidence of malice on its own.
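The three signatures above are static checks that can be reproduced without the sandbox. The Python below is an added example, not the sandbox's own rule code (the report does not show its matching logic): it extracts HTTP(S) URLs from /URI link actions and from the raw bytes of a PDF, and tests whether a PE carries an embedded Authenticode certificate table by reading the Security data directory (index 4 of the optional header). The inputs are constructed: `SAMPLE_PDF` is a small uncompressed PDF reusing two addresses the report lists for the manual, `build_pe` emits a minimal synthetic PE header, and `FAKE_CERT` is a WIN_CERTIFICATE-shaped blob with a dummy body. All function and constant names are assumptions made for the example. Real PDFs usually compress their object streams, so on such a file the regexes would have to run over decoded streams rather than the raw bytes.

```python
import re
import struct

# Index of the Security (Authenticode certificate table) entry in the
# optional header's data directory array.
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B

# Link-annotation action: /A << /S /URI /URI (http://...) >>. Only literal
# "(...)" strings are matched; hex "<...>" strings and FlateDecode-compressed
# object streams would need decoding before this regex sees them.
URI_ACTION_RE = re.compile(rb"/URI\s*\(\s*([^)]*?)\s*\)")
ANY_HTTP_RE = re.compile(rb"https?://[^\s<>()\[\]\"']+")


def pdf_http_links(pdf: bytes):
    """Return (interactive, plain): HTTP(S) URLs inside /URI link actions
    (interactive objects) and HTTP(S) URLs found anywhere in the raw bytes."""
    interactive = sorted({
        m.group(1).decode("latin-1") for m in URI_ACTION_RE.finditer(pdf)
        if m.group(1).lower().startswith((b"http://", b"https://"))
    })
    plain = sorted({m.group(0).decode("latin-1") for m in ANY_HTTP_RE.finditer(pdf)})
    return interactive, plain


def authenticode_present(pe: bytes) -> bool:
    """True if the Security data directory points at a non-empty certificate
    table that lies inside the file. Presence only: nothing is verified.
    Raises ValueError for data that is not a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (opt_size,) = struct.unpack_from("<H", pe, coff + 16)   # SizeOfOptionalHeader
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic == PE32_MAGIC:
        count_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        count_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (n_dirs,) = struct.unpack_from("<I", pe, count_off)     # NumberOfRvaAndSizes
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + opt_size:
        return False                                        # table has no security entry
    # Unlike the other directories, this VirtualAddress is a raw file offset.
    offset, size = struct.unpack_from("<II", pe, entry)
    return size > 0 and offset + size <= len(pe)


def build_pe(pe32plus: bool, cert: bytes = b"") -> bytes:
    # Constructed minimal PE header (no sections) for exercising the check;
    # not a binary from the archive. `cert` is appended and referenced from
    # the security directory when given.
    opt_size = 240 if pe32plus else 224
    e_lfanew = 0x40
    hdr_len = e_lfanew + 4 + 20 + opt_size
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 0, 0, 0, 0, opt_size, 0x0002)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    count_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    struct.pack_into("<I", opt, count_off, 16)
    struct.pack_into("<II", opt, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     hdr_len if cert else 0, len(cert))
    return dos + b"PE\0\0" + coff + bytes(opt) + cert


# Constructed WIN_CERTIFICATE-shaped blob: dwLength, wRevision 0x0200,
# wCertificateType 0x0002 (PKCS#7), followed by a dummy body.
FAKE_CERT = struct.pack("<IHH", 8 + 16, 0x0200, 0x0002) + b"\xAA" * 16

# Constructed, uncompressed PDF: one /URI link annotation plus one URL in
# page text, using two addresses the report lists for the manual.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] /Contents 5 0 R >> endobj
4 0 obj << /Type /Annot /Subtype /Link /Rect [0 0 100 20]
   /A << /S /URI /URI (http://www.glenn.delahoy.com/desktopinfo) >> >> endobj
5 0 obj << /Length 56 >> stream
BT (See https://docs.microsoft.com/en-us/ for details) Tj ET
endstream endobj
trailer << /Root 1 0 R >>
%%EOF
"""


def triggered_signatures(pdf: bytes, pes) -> list:
    """Reproduce the three report signatures over one PDF and a list of PEs."""
    hits = []
    interactive, plain = pdf_http_links(pdf)
    if interactive:
        hits.append("HTTP links in PDF interactive object")
    if plain:
        hits.append("One or more HTTP URLs in PDF identified")
    unsigned = sum(1 for pe in pes if not authenticode_present(pe))
    if unsigned:
        hits.append(f"Unsigned PE ({unsigned} IoCs)")
    return hits
```

To run it against the archive's own files, read each `.exe`/`.dll` with `open(path, "rb").read()` and pass the bytes to `authenticode_present`; a `True` result still says nothing about who signed the file or whether the chain validates, which is a separate step (for example `Get-AuthenticodeSignature` on Windows).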

Files

  • DesktopInfo3152.zip
    .zip

    Password: infected

  • files/Desktop Info Manual.pdf
    .pdf

    • http://localhost/

    • http://www.alcpu.com/CoreTemp/

    • http://www.glenn.delahoy.com/

    • http://www.glenn.delahoy.com/desktopinfo

    • http://www.ks-soft.net/

    • http://www.openssl.org/

    • https://docs.microsoft.com/en-us/windows/desktop/api/iptypes/ns-iptypes-_ip_adapter_addresses_lh

    • https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-showwindow

    • https://docs.microsoft.com/en-us/windows/desktop/winprog64/accessing-an-alternate-registry-view

    (further URLs omitted from the report listing)
  • files/DesktopInfo32/DesktopInfo32.exe
    .exe windows:5 windows x86 arch:x86

    MD5: e8f10453e25822ff881daddbca218b21

  • files/DesktopInfo32/DesktopInfo32W.exe
    .exe windows:5 windows x86 arch:x86

    MD5: 3264274f4d657046da558895f3177ed2

  • files/DesktopInfo32/OpenSSL License.txt
  • files/DesktopInfo32/libeay32.dll
    .dll windows:5 windows x86 arch:x86

    MD5: 43b0fe249f8f5a5ce8ac2d967a025119

  • files/DesktopInfo32/ssleay32.dll
    .dll windows:5 windows x86 arch:x86

    MD5: bb97df0f2e9321ec4e2256179b5b9c2c

  • files/DesktopInfo64.exe
    .exe windows:5 windows x64 arch:x64

    MD5: 4458220399a8305ef5fd57b606c0d1dc

  • files/DesktopInfo64W.exe
    .exe windows:5 windows x64 arch:x64

    MD5: 8aba4e46fa5d66407128fbeeab74d509

  • files/images/dti-logo.png
    .png

  • files/libeay32.dll
    .dll windows:4 windows x64 arch:x64

    MD5: 96c4f4e8917dc64df4c59957846701ef

  • files/sample-config/desktopinfo-absolute.ini
    .ps1
  • files/sample-config/desktopinfo-advanced.ini
    .vbs
  • files/sample-config/desktopinfo-corporate.ini
  • files/sample-config/desktopinfo-default.ini
  • files/sample-config/desktopinfo-linux.ini
  • files/sample-config/desktopinfo-neilj.ini
  • files/sample-templates/export-to-html.html
    .html
  • files/sample-templates/export-to-rtf.rtf
    .rtf
  • files/sample-templates/export-to-txt.txt
  • files/sample-templates/export-to-xml.xml
    .xml
  • files/ssleay32.dll
    .dll windows:4 windows x64 arch:x64

    MD5: f5309b9bf4cf9ba2dc53e76fa84b0e29