General
Target: b752bcdd244f25e8071857279133c80d1423594cf0b412d5a209bc80732b2616
Size: 452KB
Sample: 220521-pf91esadhr
MD5: c0ccb2938e295e29a92d56043e3d9a24
SHA1: c630ced6b9af1cf622b837acad0b1bfec3f4c8e0
SHA256: b752bcdd244f25e8071857279133c80d1423594cf0b412d5a209bc80732b2616
SHA512: 5ea8943ec90fbd80191c6c68f277709a8b17f47a427593002931beed5b5ef1272d0862dff0a963f07de8fbfc5755eac53f5d8d2933e7904dcad8feda21173636
Behavioral task: behavioral1
Sample: SingPost-6246721,pdf.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: SingPost-6246721,pdf.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: SingPost-6246721,pdf.exe
Size: 390KB
MD5: 9b5dbfba82dff9bf15da0cccb119daad
SHA1: 413830039c21e73e75955139af53b9c48e420d89
SHA256: 6b1d69a75a4b53cb49c6acece476246b2ee6f483664091cee8cd24bbd444c636
SHA512: 25fd2825d9a3fd38a3ff40c40e20b8568b6469eaa2f2cc6bb8bd57cac34bfe600cac5e3dd402f1252f71c26c4ca68e609d81f59eee5912812b1f3b0032cfd19e
Score: 10/10
Async RAT payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application