General
-
Target
Blocked_Mtcn_pdf.jar
-
Size
744KB
-
Sample
220811-kgf2hsfcg7
-
MD5
0981f372b79a6cb066b549f77222ed99
-
SHA1
656b499793e15d10ff2f5c390fe68b0936747bf4
-
SHA256
6461adafdbd61960915775dea557e0e90befe75f1dd4e5f46517912438b16ce1
-
SHA512
73c0850ac7d1a7f8570be952638ab1e602a46ad110ea74a2fc9a225b1e4ff9c5bfad03b9a669bfc7fedcd94ffc69851859fa96812fe85ec850b77f5c145ce5cd
Static task
static1
Behavioral task
behavioral1
Sample
Blocked_Mtcn_pdf.jar
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
Blocked_Mtcn_pdf.jar
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
Blocked_Mtcn_pdf.jar
-
Size
744KB
-
MD5
0981f372b79a6cb066b549f77222ed99
-
SHA1
656b499793e15d10ff2f5c390fe68b0936747bf4
-
SHA256
6461adafdbd61960915775dea557e0e90befe75f1dd4e5f46517912438b16ce1
-
SHA512
73c0850ac7d1a7f8570be952638ab1e602a46ad110ea74a2fc9a225b1e4ff9c5bfad03b9a669bfc7fedcd94ffc69851859fa96812fe85ec850b77f5c145ce5cd
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-