Overview

overview

8

Static

static

acbd2bf4fd...f0.exe

windows7_x64

8

acbd2bf4fd...f0.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    acbd2bf4fd0d2f68aa7d1f645dcb8e1b18eb97f6c097cadb3a1ac7caf59737f0.7z

  • Size

    18.8MB

  • Sample

    220518-jkbqjafah7

  • MD5

    fa8e828d54e89e669708303683265a9c

  • SHA1

    e864e9c11770bbd2087fdd52ad81ecb4585069dc

  • SHA256

    3c999585ea520a68e921a96e32185a22993c6972823cb4aa8cde643cb79d8b72

  • SHA512

    c3421b407240beff3e226d4802ccb71911517ce039defb990ebf133b9dd7a64006d17fff507292d4b89d438873343040a022f659ce526154724a097843638609

Score
8/10
linkpdfpyinstaller

Malware Config

Targets

    • Target

      acbd2bf4fd0d2f68aa7d1f645dcb8e1b18eb97f6c097cadb3a1ac7caf59737f0.exe

    • Size

      19.1MB

    • MD5

      9513f913759db729ab2ee7d8b8da52a6

    • SHA1

      dbc55229da1c2c151bdfc7d18e5d19598b9be0f8

    • SHA256

      acbd2bf4fd0d2f68aa7d1f645dcb8e1b18eb97f6c097cadb3a1ac7caf59737f0

    • SHA512

      4295ec4b7a3cbf4ffa365a98d7ccd81b7f549c07e56c325617d126b3876c07c949da1896b4504fd7f6b65e533d02830b95fb8f63de7e9684dfdb105f54c7d668

    Score
    8/10
    linkpdfpyinstaller

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks