Overview

overview

8

Static

static

4

oloo@mid.r...33.pdf

windows10_x64

1

oloo@mid.r...__.pdf

windows10_x64

1

oloo@mid.r...?.docx

windows10_x64

1

oloo@mid.r...?.docx

windows10_x64

1

oloo@mid.r...?.docx

windows10_x64

1

oloo@mid.r...??.pdf

windows10_x64

1

oloo@mid.r...??.exe

windows10_x64

8

oloo@mid.r...13.pdf

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    001f329a99a84175ebadb671170482baeef0338807e93f399825381e58807f37.7z

  • Size

    13.3MB

  • Sample

    220119-be3m3aedgr

  • MD5

    14e12bdc824317a89657ed6f3e931f9a

  • SHA1

    d5a19fedf073eec59d13012f60343cc0df2f0456

  • SHA256

    221b11a9ca29581978c794f1ad4bad6865407194d8b9351e1d26a553fd541bf4

  • SHA512

    f7d3a11cbba44a89310701e737fc77aadef5c94ea03bde03021199919f0f4a8b6fa48bb60d8d3d478f0f2052fe489766e663beaf9a8f5b3a586cb394b416039a

Score
8/10
linkpdfupx

Malware Config

Targets

    • Target

      oloo@mid.ru/0001202110250033.pdf

    • Size

      350KB

    • MD5

      89f98f4ae0285edc55fca7b56f75c46b

    • SHA1

      4cc0d1bf2cdc28d9500d91bb31b19fe753af0106

    • SHA256

      48064d925c3106cd19e33c7fee16d2459bd851fadbd4ea888f156b7705b9b25f

    • SHA512

      0bc7b53c2fa55f6137cfcbce28d0de1ead02c2bd84ab62a5fb2177bb2945a67b9415c7df9b9466e6b4c98695ac64a302633333356855c0ea7c79ad0649f79353

    Score
    1/10
    behavioral1

    • Target

      oloo@mid.ru/20_10_2021_01_6101_21____________________________.pdf

    • Size

      791KB

    • MD5

      cb6a17f8b475ad25f1f9ba494a57471a

    • SHA1

      1543d5d4251174300c4262ce7e0d18982a9518b0

    • SHA256

      f56f295ed4775a8f07376ab47e624c82996d702f03907f4200f2030a8be5608e

    • SHA512

      7cce042dba8474ad31ca079444d1aab623bbf353968a3c25ee4ca9cfd354469b36600b90238950753a13e2caa0ce24b5aa4dd23792e113453434481ab9a3ec93

    Score
    1/10
    behavioral2

    • Target

      oloo@mid.ru/??? ?? ??????????.docx

    • Size

      935KB

    • MD5

      17c249aab93e7d3ad8a7c6f65717db41

    • SHA1

      8dda7d72267f6f933fabf11288716a9faacd361d

    • SHA256

      51899ef5370bcba1f41852c59ef299b4097e4be0e07c28a00e2eaa27ea8f08d3

    • SHA512

      661cb2673523d2f96b0a4d3b31f41f6a174b7013846f4fed64e41729cc38baffc5972742ee1e200c9b7d81f576e6f3f28b5613e00493ce48b1c5bac3694e1520

    Score
    1/10
    behavioral3

    • Target

      oloo@mid.ru/?????? ? ????????????????? ?? ????? ?? ???????.docx

    • Size

      16KB

    • MD5

      e786381b43d18eef7e0aa3d778129802

    • SHA1

      debcd524324ec9e2234ceda21265781a9712bf64

    • SHA256

      0214ad0d9eaf761a880af5a6f32ef3de9497c207d47500345622420bee574e10

    • SHA512

      f252f97d8656eccfc3cc9d69caf92b5a25b38ab95e76c20a4f7142d13ffab95f1d72d58b20f982b2d9e236e1c1aa9052b72b39fa5ca80588b4852428fe12a733

    Score
    1/10
    behavioral4

    • Target

      oloo@mid.ru/?????? ? ??????????????? ?? ????? ?? ???????.docx

    • Size

      17KB

    • MD5

      180fdd99d3e7747e1655ff2a9fa7437a

    • SHA1

      b8d03b2b4a092ea1123e92c1b612ae21de74d081

    • SHA256

      e2c9484eb12d1b8db4bf3db38915a291a9076e11dcc4b934a1e7907dd8ce2655

    • SHA512

      fb39ad2bcc5376a9fee452a4eae667a817591b167910520d0b3b66690f0e99bcdc592acc1568bdacf3a1c4b032581f6a7704c044b852950449ea10e177b56f4a

    Score
    1/10
    behavioral5

    • Target

      oloo@mid.ru/???????? ?? ????????? ???????????? ??????.pdf

    • Size

      48KB

    • MD5

      2db6f43a00bdca44eea9548fba971956

    • SHA1

      a78b28eb2fa5ded89b653dcb7488ba2788eff998

    • SHA256

      6a62e2d6dd7c541387bca0cfec57451b481f7f841c747e8e08ea276189632f29

    • SHA512

      b134b26c170312865c5257d1bd7e6faf2e51ff33ee3d1552ab67b06048b1caae683142e1091e08934b2ef14ab9c915941cef937be8d65503db17faad4e853220

    Score
    1/10
    behavioral6

    • Target

      oloo@mid.ru/????????? ??? ??????????? ???????? ? ??????????? ???????? ???????????????.exe

    • Size

      8.2MB

    • MD5

      8b7fdb80ea30a675d776ee3c6a2b5062

    • SHA1

      763b7358672ff8b8d7b3428faf4fedb3ad2caaad

    • SHA256

      1ce18f816875dae22ff0e038c9792d28ea649f119428a6b7e5af47e080f1dddd

    • SHA512

      46f8b2f046bf4166dfcd326ddf741f8bcd43fa78ef11af16f6040486f2ce5cd9c632d71d2746d8854e0c1b9d809a09dea557f8e7d4709344026b71fe9af8b06c

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral7

    • Target

      oloo@mid.ru/BMP-13.pdf

    • Size

      3.9MB

    • MD5

      5f5ecad862ffc50f20988a528f56937b

    • SHA1

      b1b0ef49bf9e490662c9f42930174b1db455b658

    • SHA256

      c81ef8dcabda564354203125dc5681ea9a7b4167feec2ce2842f01d161746e1a

    • SHA512

      f70cbeea8b9ebf91f883cde36d374fcb55d1d2620acc82232582e27dd6d136685a917a9530569bd7f6498d3ad40908715677b6ab174165132da4e7192e270793

    Score
    1/10
    behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Credential Access

Discovery

Query Registry

10
T1012

System Information Discovery

11
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks