Overview

overview

8

Static

static

4

7eb4ea6277...4d.lnk

windows7_x64

3

7eb4ea6277...4d.lnk

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7eb4ea6277bd62653cc474cf1125165c9bdc43858811c0d88be25e2ec34bc14d

  • Size

    3.5MB

  • Sample

    220204-kda14afge7

  • MD5

    85ed6ab8f60087e80ab3ff87c15b1174

  • SHA1

    6907e717352376e84d410a1e7cc265fcd3d33aef

  • SHA256

    7eb4ea6277bd62653cc474cf1125165c9bdc43858811c0d88be25e2ec34bc14d

  • SHA512

    65369afa96fa084fc6ca02fe9e202f560d9dc76a8b53ffcb82b0c06244e920e97eba7f7a32a05b1751c00bfbdd61935e16cc60eaeae08f287f18c0b2bd54d97a

Score
8/10
linkpdfpersistence

Malware Config

Targets

    • Target

      7eb4ea6277bd62653cc474cf1125165c9bdc43858811c0d88be25e2ec34bc14d

    • Size

      3.5MB

    • MD5

      85ed6ab8f60087e80ab3ff87c15b1174

    • SHA1

      6907e717352376e84d410a1e7cc265fcd3d33aef

    • SHA256

      7eb4ea6277bd62653cc474cf1125165c9bdc43858811c0d88be25e2ec34bc14d

    • SHA512

      65369afa96fa084fc6ca02fe9e202f560d9dc76a8b53ffcb82b0c06244e920e97eba7f7a32a05b1751c00bfbdd61935e16cc60eaeae08f287f18c0b2bd54d97a

    Score
    8/10
    persistence

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks