Windows Analysis Report
Document 35405 (2).pdf

Overview

General Information

Sample name: Document 35405 (2).pdf
Analysis ID: 1419159
MD5: 4ff9fae10d7736c3572aa9e790956a1f
SHA1: 38b58154a27f443d3ee999e492ab25bd5cb3d5f2
SHA256: 366cf33daf5f3807960a5c3120a793385a038b40483c593c8f3e971879b01c20
Infos:

Detection

Score: 2
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

IP address seen in connection with other malware
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Uses a known web browser user agent for HTTP communication

Classification

Source: global traffic TCP traffic: 192.168.2.4:49740 -> 104.94.108.142:443
Source: global traffic TCP traffic: 104.94.108.142:443 -> 192.168.2.4:49740
Source: global traffic TCP traf