General
-
Target
Correo Externo R3912349DS --- Referencia POSIBLE SANCIÓN E INHABILIDA... (723 KB).msg
-
Size
109KB
-
Sample
241206-awszhszqgz
-
MD5
45684554337c2beb94dcdbda136c6661
-
SHA1
1f2ccc3c43a899e4f43296a8eff2ed152899590d
-
SHA256
d7d0a5f88b8d3660144c7df7b32d4ea1151ccc255a356839cbc5a2637b5d66a0
-
SHA512
d2b87cb69548567ca559d3eff2837f7595463f0ea6ff40b5803032d797831624b4d8418a6e799d50a1d7ce718aaf8158a050406cc9bfa04b0a3887117d0c21e5
-
SSDEEP
1536:9AAE5O4JZL6hgSgyov5tCVGXEYrq8JMBJDp8LvGXMeiA:9AAE5DL6qiYs8WHVyvGTiA
Static task
static1
Behavioral task
behavioral1
Sample
Correo Externo R3912349DS --- Referencia POSIBLE SANCIÓN E INHABILIDA... (723 KB).msg
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Correo Externo R3912349DS --- Referencia POSIBLE SANCIÓN E INHABILIDA... (723 KB).msg
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
OFICIO 023 POSIBLE SANCIÓN E INHABILIDAD DEL CARGO.pdf
Resource
win7-20241023-en
Behavioral task
behavioral4
Sample
OFICIO 023 POSIBLE SANCIÓN E INHABILIDAD DEL CARGO.pdf
Resource
win10v2004-20241007-en
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=
Extracted
https://drive.google.com/uc?export=download&id=
Extracted
https://drive.google.com/uc?export=download&id=
Targets
-
Target
Correo Externo R3912349DS --- Referencia POSIBLE SANCIÓN E INHABILIDA... (723 KB).msg
Score
5/10
Drops file in System32 directory
-
Target
OFICIO 023 POSIBLE SANCIÓN E INHABILIDAD DEL CARGO.pdf
-
Size
60KB
-
MD5
5cc6a0590df5c2d11054e648427f551b
-
SHA1
ea31839c9f7bdddde3e8b20e44408cefb885c285
-
SHA256
d1b3251e0896d300fe8764d0e820c2707515f27364e28115b7e7392274cfa10d
-
SHA512
51c5bde8ea5482e318aebc06968a9cdce83575d3c06ada3a958962448431af31a5a906d95f172a544ff79fdc16aa09c97066b7d2bdc9f6fec42620e681cb97e6
-
SSDEEP
768:hghgubg2NEdvvEbaXtgX5VG2/fOHxEYrqGSyLN2hBicL5ughpzT8LiADuVXIA0N:ChgSgyov5tCVGXEYrq8JMBJDp8LvGXMN
-
Blocklisted process makes network request
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-