General

  • Target

    Documents.pdf.exe

  • Size

    958KB

  • Sample

    241120-qxdh8askap

  • MD5

    84fc846346048b8cde6b4354f476bb1e

  • SHA1

    1c79724304ec950e551b750a5c3c5f5e28b9b40b

  • SHA256

    7fed26cb1381219906f60ae0b64cdc3aa7f769d6c7c30efff089df9ea811cfd0

  • SHA512

    9fbdf9cadc7eb364c20bb1b701ca890f1a9605e21ee74839ad423714ecb1f6e8754a7aba6565f7cbfe845f1c7ad652afaa81b6ef6e8745d2741822c4d4966d9e

  • SSDEEP

    12288:vtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaTTwFhSSs6A:vtb20pkaCqT5TBWgNQ7anwnRs6A

Score
6/10

Malware Config

Targets

    • Target

      Documents.pdf.exe

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks