Overview

overview

5

Static

static

5

Scan_Swift_pdf.exe

windows7-x64

5

Scan_Swift_pdf.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    81c256f7c3bbc7abfeb056849c8e129cbd421f930fa9add480d4961c573ad351.jar

  • Size

    1007KB

  • Sample

    241002-br7gsazfjq

  • MD5

    5f75a266dfa357d4e72e474eb856310f

  • SHA1

    d57dd97f24dda9dce3c9b703897b77aa4d555304

  • SHA256

    81c256f7c3bbc7abfeb056849c8e129cbd421f930fa9add480d4961c573ad351

  • SHA512

    95a0b777dee04b775245f47a0bf7f502dd1ed0543f091f57512796ac3c62feaadb9940283882a765a0978b4906de4be6107ad53249a524a436d811da3b362ef8

  • SSDEEP

    24576:3Vi3WJRBCDFZAim/r83Qos6AcGawdUkerZG4KVc8QF6dUH8usrUj:8mvCoim/Y3TG7dUDrA4Z8KcAj

Score
5/10
discoveryupx

Malware Config

Targets

    • Target

      Scan_Swift_pdf.exe

    • Size

      1012KB

    • MD5

      9365ca93e95c781ea713febeab9cf5d4

    • SHA1

      a49e48d497f882186cf5833d6d99623ece64f99e

    • SHA256

      4dc3dca6412cf1394cef6c2fa8d014104bbaa5a4a5b7710a722644fb465aad79

    • SHA512

      8f107829ec47b2a359ce78789bc3050d8ee1801427af33147555e036e0da16387c73eeffa5021270975a6bfc739059256a19a2cee4e28acaee659d635bca858d

    • SSDEEP

      24576:CD0tM85tbNJjldeYiYwii+X5M30EssAccaGLEk+n9GgMhc8EFEBspuKsPuR:CD0tM85DJjl/ixii+XWZ1crLEtnkgP8u

    Score
    5/10
    discoveryupx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks