Overview

overview

6

Static

static

6

6263d8ee-3...b6c.js

windows10-1703-x64

3

folder-4/4/777.pdf

windows10-1703-x64

1

Resubmissions

01-07-2024 03:03

240701-dkfftsxflm 6

01-07-2024 02:56

240701-dffwssxemm 7

01-07-2024 02:51

240701-db8e9axdnn 6

01-07-2024 02:44

240701-c8aptatemd 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    folder-4-pw-badfile.zip

  • Size

    5.5MB

  • MD5

    c356f61e10b385fadd246923bea4c5b5

  • SHA1

    5cd4d73d341730a410f4fc4ce0da3b5c03b751ef

  • SHA256

    cb4a0d555233f1ffa56170a3559fb33cc22053d6fef7a5dff245ac1970db93b4

  • SHA512

    1748598ee0a6bcb6cf6696c1f3f949877bb6856a389ea510d74a257eebb1c9bde58c19e137bd2e6810e05f6ac4f2238f9df487ad25f166463ad6406f83e1e31d

  • SSDEEP

    98304:5VnJaRJFd/HCgZG6iQHcw7oyO1MtJP7sSZYW76OC5fItTAq9d3As8lUwbUkXePH:5GL/HCgMpQHvcAnPVZJ+QOOdt8lakOf

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • folder-4-pw-badfile.zip
    .zip

    Password: badfile

  • folder-4/4/.ses
  • folder-4/4/3f9528a7-db66-4e14-ad99-3bb20b994e75.tmp
    .gz

    Password: badfile

  • 3f9528a7-db66-4e14-ad99-3bb20b994e75.tmp
  • folder-4/4/6263d8ee-35c3-4efe-a889-a1caa528eb6c.tmp
    .gz

    Password: badfile

  • 6263d8ee-35c3-4efe-a889-a1caa528eb6c.tmp
    .js
  • folder-4/4/777.exe
    .pdf
  • folder-4/4/MSIb12b3.LOG
  • folder-4/4/MSIfc7b8.LOG
  • folder-4/4/appInsights-node71ebf67a-f23a-4893-bafb-e7fd7a0f43d3/1719468866134.ai.json
  • folder-4/4/c1491b6d-eeba-4bdd-acff-25435ad38b87.tmp
    .pdf
  • folder-4/4/cv_debug.log
  • folder-4/4/is-M72TF.tmp/_isetup/_setup64.tmp
    .exe windows:4 windows x64 arch:x64

    Password: badfile

    35a25297eaad71a907abf55111fc7e24


    Headers

    Imports

    Sections

  • folder-4/4/msedge_installer.log
  • folder-4/4/servicehub/logs/979dad25-IdentityStorageService-6412-iwy2txk1-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-3892-24oeddwr-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-3892-b0wzsbyo-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-3892-rxydaoop-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-3892-zn1boqt5-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-6412-3stl0v2k-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-6412-dklnww2r-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-6412-jybrzcaz-1.log
  • folder-4/4/servicehub/logs/StorageServiceSingleton-6412-yfgmyi25-1.log
  • folder-4/4/servicehub/logs/f8470a55-IdentityStorageService-3892-oplbhpnm-1.log
  • folder-4/4/wmsetup.log