matanbuchus | 4fd90cf681ad260f13d3eb9e38b0f05365d3984e38cfba28f160b0f810ffd4d3 | Triage

Submit
Reports

Overview

overview

Static

static

SCAN-446993.pdf.msi

windows10_x64

Sharing

General

Target

SCAN-446993.pdf.msi
Size

224KB
Sample

220621-hk47eaecg7
MD5

d141ec71b5b9443bc23b64c43ce9c36f
SHA1

2fe64fa393c29dc4f865164ee32f34626e159a26
SHA256

4fd90cf681ad260f13d3eb9e38b0f05365d3984e38cfba28f160b0f810ffd4d3
SHA512

eb9e14af6c44b631f2c13dce7a56f4b9431443bef4195c57a50b15b963c0bdcc417521e8c9608dbc43fcdb1faeac9cea81a91c873280d13d509a9505e5f5c0f6

Score

10^/10

matanbuchus loader

Static task

static1

Behavioral task

behavioral1

Sample

SCAN-446993.pdf.msi

Resource

win10-20220414-en

matanbuchus loader

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SCAN-446993.pdf.msi
- Size
  
  224KB
- MD5
  
  d141ec71b5b9443bc23b64c43ce9c36f
- SHA1
  
  2fe64fa393c29dc4f865164ee32f34626e159a26
- SHA256
  
  4fd90cf681ad260f13d3eb9e38b0f05365d3984e38cfba28f160b0f810ffd4d3
- SHA512
  
  eb9e14af6c44b631f2c13dce7a56f4b9431443bef4195c57a50b15b963c0bdcc417521e8c9608dbc43fcdb1faeac9cea81a91c873280d13d509a9505e5f5c0f6
Score

10^/10

matanbuchus loader
- Matanbuchus
  A loader sold as MaaS first seen in February 2021.
  loader matanbuchus
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

matanbuchusloader

© 2018-2025

Terms | Privacy