Windows Analysis Report
SR_AD40BM0.1-A01N_A24-ENG.pdf

Overview

General Information

Sample name: SR_AD40BM0.1-A01N_A24-ENG.pdf
Analysis ID: 1419164
MD5: aa8ff96636214fb017ed4d31f3e81540
SHA1: 945ba0fc78217bd64a2c5f97f74a20708592c0d0
SHA256: 3198b142e34be6ef581d4b9a8681960c41f57c27812132de08e06de750316e20

Detection

Score: 5
Range: 0 - 100
Whitelisted: false
Confidence: 0%

Signatures

Checks for available system drives (often done to infect USB drives)
Creates files inside the system directory
Deletes files inside the Windows folder
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Found dropped PE file which has not been started or loaded
PDF is encrypted
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Queries the volume information (name, serial number etc) of a device
Tries to load missing DLLs

Classification