2f797fea6365323f804e8f5931da85e1bc809f4eaf0135766b67cfcf7b93bba7 | Triage

Sharing

General

Target

2f797fea6365323f804e8f5931da85e1bc809f4eaf0135766b67cfcf7b93bba7
Size

5.7MB
Sample

220920-m8y3hsgdgm
MD5

efa9d99e814d059764cf9229fa960a07
SHA1

2fd35657e8a437bff3ec4b99f191eb19b3b69d9a
SHA256

2f797fea6365323f804e8f5931da85e1bc809f4eaf0135766b67cfcf7b93bba7
SHA512

a9866263df3786af93d8f5ac5a2f4f75a9ace67d2651152d173c5e4ecb6440a4d7090ad673954a6265447d456b5d4911fc02a8e51642160e744c19e13f6eb5a9
SSDEEP

49152:+4xx/2wDDxrOh9/HMrq570CzXViwaoNlQC5KCQOdWSzY6srY3Vp3B7+:V

Score

7^/10

link pdf

Malware Config

Targets

- Target
  
  Flag 'B' - Dos and Don'ts for Procurement under LOCs.pdf
- Size
  
  142KB
- MD5
  
  ad79e90f917822ca94110245d5219649
- SHA1
  
  4d11f46d736df3d64dee85c3f2723bf17a3d4606
- SHA256
  
  fa447e103d3583e9d76155c3a469b3afa2ee297d6c82ebe558d4da63c5c6a2cb
- SHA512
  
  19be5a65809f6d3769aae3dbf3ae16dffc10a25371510f4920adcb9ec3e9d302a453feec6bc9ba6a8930f003a2867d135afd431d0116616f17f49c34976e64ad
- SSDEEP
  
  3072:Rv7IW8bfNCKkW4/YM/dBirfmnJbTOlAdjtoZqqfaH9:RcxVCrXcreFKAdj+Zqv
Score

1^/10
behavioral1 behavioral2
- Target
  
  Flag 'C' - Handbook on Lines of Credit.pdf
- Size
  
  3.7MB
- MD5
  
  ebd1b5c371fed3c38b29ec1186abb168
- SHA1
  
  316d9165c59d8de0e8bca5d4f5322410311e66f8
- SHA256
  
  d5f32b4e4d6890ec6cd8463c28646caedb0c3abcd5b72715d83240becb1d8f59
- SHA512
  
  41e89f45d57ce84d1080ff3d2fd4da8f1a491ea7d75895edd727e681bb2c07a13acbe5d96ff12abab9d6aded00dd0aa04160e355251434c101870dbb50b0cf47
- SSDEEP
  
  98304:vCfD0InYbBoNQZKRwpKtburubur3qc8n4:v8YbyNQZKRwXrzr3C4
Score

1^/10
behavioral3 behavioral4
- Target
  
  Flag-'A'-LOC_flowcharts-New.doc.js
- Size
  
  290KB
- MD5
  
  16b292e205cae359bddba8052ee51ab1
- SHA1
  
  45e704ed5995a83b56146034e7c42172c3bacf7a
- SHA256
  
  942e26b9c769bbfd6a9cb2237d4b7a0788d95bc2a144f41bba38b300133027ff
- SHA512
  
  07fa4f502555dd057f490f43937f85ea7856fee33f34b36dd1ad5e96afdc650548dc932ee2df15a5ea0f7197cfed2a70578e57513a92b191df1a7c83f4016334
- SSDEEP
  
  3072:Cj+nRsIgyLXBJgHj8m/b4aMnODn0ACJAMotP/0Q5oY/mEVbN:rnRsIgC3ij8m/bMOgotP8QqCHbN
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6