2d22eda50d8a63f41962bbd045a86889dd24d78b1bea65d1dc8006504d77faa7 | Triage

Submit
Reports

Overview

overview

8

Static

static

doc_801184...df.exe

windows7_x64

8

doc_801184...df.exe

windows10_x64

8

Sharing

General

Target

doc_80118400-13.pdf.exe
Size

217KB
Sample

211105-mstsvsbde3
MD5

4a839563f793df5802e607d977c23f03
SHA1

6f39139fabb6e37bc5a48d27abb6bcfe3fef6672
SHA256

2d22eda50d8a63f41962bbd045a86889dd24d78b1bea65d1dc8006504d77faa7
SHA512

c00f4c4997dd092357c7651f1c72ffa05f7a73f1993f3fcd243f615b6ec42e75b8c0c050d2152395e24ee02d43572f67bcff0923e475eddde556eb58c36d2699

Score

8^/10

pyinstaller

Static task

static1

Behavioral task

behavioral1

Sample

doc_80118400-13.pdf.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

doc_80118400-13.pdf.exe

Resource

win10-en-20211104

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  doc_80118400-13.pdf.exe
- Size
  
  217KB
- MD5
  
  4a839563f793df5802e607d977c23f03
- SHA1
  
  6f39139fabb6e37bc5a48d27abb6bcfe3fef6672
- SHA256
  
  2d22eda50d8a63f41962bbd045a86889dd24d78b1bea65d1dc8006504d77faa7
- SHA512
  
  c00f4c4997dd092357c7651f1c72ffa05f7a73f1993f3fcd243f615b6ec42e75b8c0c050d2152395e24ee02d43572f67bcff0923e475eddde556eb58c36d2699
Score

8^/10

pyinstaller
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy