General
-
Target
PDF6UU0CVUO2W-YGVUIO.BZ2.rar
-
Size
511KB
-
Sample
250115-scqn6axmhm
-
MD5
086796a9d8f0d57ee0aaa2f5b4ec91ca
-
SHA1
1d3398192734dea8486e93edc5c80e83a91100f6
-
SHA256
7df70943e6d80d9c2a3a29bbb48b3cbddb231b004b9051fcca17c1bc2e26c738
-
SHA512
182ddbe77771d61c2a63a83b22588d311588e6eb8b672ef627802ca630a83649331a4d40dc15906b3c4464b4f034e500ee78937a81985a75800c03ec0c9ea948
-
SSDEEP
12288:xGxO52h+dVZfIIR5GVyQqlVTnolTCXvXf/EkyjHOC6U+alaPnbM9OhpUn:xGkjVZfIIR51QqvDcWXvwsU+alLLn
Static task
static1
Behavioral task
behavioral1
Sample
PDF6UU0CVUO2W-YGVUIO.scr
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
PDF6UU0CVUO2W-YGVUIO.scr
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
PDF6UU0CVUO2W-YGVUIO.scr
-
Size
624KB
-
MD5
9d8bc1bd62ddd6ebe6f9e25a8c73bca3
-
SHA1
0a34d97de35ea1c4252bb2bf148c1173666f7343
-
SHA256
53744fdba0544f915f43eddad494ea07a405776df30864415d6b1445db042481
-
SHA512
b19a0ce9ebc0c419ce53b5f646d90dc53744480bd40d1c84f7caf29f688deff25503cb20ca709828d10e088d60b43d1ed6687b10aef4d39ee3d2b7c20a64de8d
-
SSDEEP
12288:ZYRxA4Y5lyA/BxSPCVZxTEQBae03JIpfsTC6RPBI6RgZOYNCVpveB/B19kR:uRwL9BaZJIpoC6R5I2SOY+pvc/ng
Score7/10-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-