e73a434717761b7af4f4c084f13a176f3a24dccf8aa93169a65ee0828a2ef1fb | Triage

Submit
Reports

Overview

overview

Static

static

3

5029042200...88.pdf

windows7_x64

1

5029042200...88.pdf

windows10-2004_x64

Sharing

General

Target

502904220095846388.pdf
Size

847KB
Sample

220329-3p9ynshadn
MD5

a2c5cce263fca9291b449e89144c63f4
SHA1

088aa6bbf62575d63e72b142d56403a231522365
SHA256

e73a434717761b7af4f4c084f13a176f3a24dccf8aa93169a65ee0828a2ef1fb
SHA512

e0aa1d2e261858b2712ceff65474840ae567b7059ace1708efa4e7682dead3f877231727f420bff09ee8f0d7d307e679585b1c638189dbd3f04be89fa73fab9a

Score

10^/10

evasion link pdf persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

502904220095846388.pdf

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

502904220095846388.pdf

Resource

win10v2004-en-20220113

evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  502904220095846388.pdf
- Size
  
  847KB
- MD5
  
  a2c5cce263fca9291b449e89144c63f4
- SHA1
  
  088aa6bbf62575d63e72b142d56403a231522365
- SHA256
  
  e73a434717761b7af4f4c084f13a176f3a24dccf8aa93169a65ee0828a2ef1fb
- SHA512
  
  e0aa1d2e261858b2712ceff65474840ae567b7059ace1708efa4e7682dead3f877231727f420bff09ee8f0d7d307e679585b1c638189dbd3f04be89fa73fab9a
Score

10^/10

evasion persistence trojan
- Registers COM server for autorun
  persistence
- Executes dropped EXE
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy