Analysis

  • max time kernel
    106s
  • max time network
    114s
  • platform
    windows7_x64
  • resource
    win7v200217
  • submitted
    29-03-2020 21:47

General

  • Target

    INVOICE AND PACKING LIST PDF.exe

  • Size

    824KB

  • MD5

    51a4abeb33785f07ea531248035bf602

  • SHA1

    671cbb4a7341d7ca9138c87f22c517b8a54c126f

  • SHA256

    13b46d9524b436eb825c317fde69b0710f295ab95ead1e9d5c4babe39d9287f8

  • SHA512

    fb6d606492aec3e5ba74c804627a856a10b01b815f65cdcf2b439253b88263d5c0f172a8a173079d3306d4625a73105d25243024ae1c2e63ca7df08aefb70880

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 83 IoCs
  • Drops startup file 1 IoCs
  • Drops file in Program Files directory 388 IoCs
  • Drops file in Windows directory 1 IoCs
  • Drops autorun.inf file 1 TTPs 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\INVOICE AND PACKING LIST PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\INVOICE AND PACKING LIST PDF.exe"
    1⤵
    • Loads dropped DLL
    • Drops startup file
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • Drops autorun.inf file
    PID:1860

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Lateral Movement

Replication Through Removable Media

1
T1091

Replay Monitor

Loading Replay Monitor...

Downloads