General
Target: 502904220095846388.pdf
Size: 847KB
Sample: 220329-3p9ynshadn
MD5: a2c5cce263fca9291b449e89144c63f4
SHA1: 088aa6bbf62575d63e72b142d56403a231522365
SHA256: e73a434717761b7af4f4c084f13a176f3a24dccf8aa93169a65ee0828a2ef1fb
SHA512: e0aa1d2e261858b2712ceff65474840ae567b7059ace1708efa4e7682dead3f877231727f420bff09ee8f0d7d307e679585b1c638189dbd3f04be89fa73fab9a

Behavioral task: behavioral1
Sample: 502904220095846388.pdf
Resource: win7-20220311-en

Behavioral task: behavioral2
Sample: 502904220095846388.pdf
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 502904220095846388.pdf
Score: 10/10

Registers COM server for autorun

Executes dropped EXE

Sets file execution options in registry

Checks computer location settings
    Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.

Drops file in System32 directory