General

  • Target

    bbdy_document_07.06.2022.doc

  • Size

    2.8MB

  • Sample

    220706-ex4jvsggcm

  • MD5

    d099b942e5e42a6f4cf0428a16d9e234

  • SHA1

    f79cc392c65c3242ceac6314bcf86a5162a87208

  • SHA256

    bddea66a3234b3773af6aff828f02df1c894516a54cbd2ccea6ff722262d0fa5

  • SHA512

    b253d0d91e7415cea6f44f1cd72bcb86e3195aa8fc09e3a3a10aeb10429518963e218a7c271e467c37604ef447136d1d14452d938eacd2b02d9a1900f481f321

Malware Config

Targets

    • Target

      bbdy_document_07.06.2022.doc

    • Size

      2.8MB

    • MD5

      d099b942e5e42a6f4cf0428a16d9e234

    • SHA1

      f79cc392c65c3242ceac6314bcf86a5162a87208

    • SHA256

      bddea66a3234b3773af6aff828f02df1c894516a54cbd2ccea6ff722262d0fa5

    • SHA512

      b253d0d91e7415cea6f44f1cd72bcb86e3195aa8fc09e3a3a10aeb10429518963e218a7c271e467c37604ef447136d1d14452d938eacd2b02d9a1900f481f321

    • Detects SVCReady loader

    • SVCReady

      SVCReady is a malware loader first seen in April 2022.

    • suricata: ET MALWARE Observed Win32/SVCReady Loader User-Agent

      suricata: ET MALWARE Observed Win32/SVCReady Loader User-Agent

    • suricata: ET MALWARE Win32/SVCReady Loader CnC Activity M2

      suricata: ET MALWARE Win32/SVCReady Loader CnC Activity M2

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks