Overview

overview

6

Static

static

3

documento 49711.pdf

windows7_x64

6

documento 49711.pdf

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    documento 49711.pdf

  • Size

    18KB

  • Sample

    220506-p896wshhc6

  • MD5

    cae578660134d034d53f262c54f80740

  • SHA1

    29e8913d82e1d4f3cea1372eb252141760638d92

  • SHA256

    262c6cc05680448a3cc2f1122093635835019cac69a767f6df42e3574fb82cef

  • SHA512

    fc7e5e4def3f37cb4e727b1476fab1d09c13285dcfbf7cb0d9c34e9a258df77078ed23c82cc286da02ba7126fb9b324a5634e7beefbe6023d658c095a54fb30d

Score
6/10
linkpdfpersistence

Malware Config

Targets

    • Target

      documento 49711.pdf

    • Size

      18KB

    • MD5

      cae578660134d034d53f262c54f80740

    • SHA1

      29e8913d82e1d4f3cea1372eb252141760638d92

    • SHA256

      262c6cc05680448a3cc2f1122093635835019cac69a767f6df42e3574fb82cef

    • SHA512

      fc7e5e4def3f37cb4e727b1476fab1d09c13285dcfbf7cb0d9c34e9a258df77078ed23c82cc286da02ba7126fb9b324a5634e7beefbe6023d658c095a54fb30d

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks