General

  • Target

    Document_vIU8A4GAcj.zip

  • Size

    4.5MB

  • Sample

    220922-ma8jasbbd7

  • MD5

    1f47e6ba20c717642c9ffa13c4671453

  • SHA1

    30c3db6b889d498815b35cf3ada232d974f89a00

  • SHA256

    2c63e762ad58d8532531e374225649be5f1c85454ed50a67b4823797a9609d71

  • SHA512

    4bea07d29eb54dc561bce7a7464c897b5a93ae00e7ee38575724f044a73bf4fef75fbd2f428291fd45c9b3324765e3152603fbb4701c6367537e665128235a9f

  • SSDEEP

    98304:BrNgp0W1jFBV+qFvC83mOMHvdvEOfn7dW3U2XyBlRmKlLI16lXgg9d5mg:BxGJjhnvC83mOMV30kWw8uLI1E99dJ

Score
7/10

Malware Config

Targets

    • Target

      Document.pdf/About/AppXRuntime.admx

    • Size

      3KB

    • MD5

      88d794ea092ef395433cfa321d06e5e4

    • SHA1

      f1f7c7dfbd04ac5a92cbde88bd4f087781d63c40

    • SHA256

      5afc969e4212a6511f307385c99b8868e8c873183dc271bbb95ba571b24eb53e

    • SHA512

      ebb770102b8202de4bb7319cbc2cda860e4de5d1e95f0fbef4d4890aa2b22cd48cf73909d028a37b507926b4fad573716fba16e50b8f9eca8d5feab00ac17cca

    Score
    1/10
    • Target

      Document.pdf/About/AuditSettings.admx

    • Size

      1KB

    • MD5

      9a36a7410b4ef98b36da553e050b9788

    • SHA1

      4ba6e5225a7c5daf30f4947b9288b708e8e557e8

    • SHA256

      ebac316580540b7ee8e399f890470527e456f2c6a103fcc899f4b2442d8e69f7

    • SHA512

      7cd81f2bedde51bca3a1f5a0889870be71ef521e5c331f1c8ba4ce97bf604adfff6cafa0fe707ed55df62bc340c45baa189e3d07f20a466ee7254f3c6abe6b74

    Score
    1/10
    • Target

      Document.pdf/About/EventForwarding.admx

    • Size

      1KB

    • MD5

      ef4ad318ea464cde69829a9201d7d526

    • SHA1

      a3b7cc6ebb70c45cd752121d0afa30a35b72c9d3

    • SHA256

      8e3854b06f7dfef7c0e68e1258f1d33a4b888a97f075a5d25757fa987acb5704

    • SHA512

      0abca7fa5c44572841fab002f19d05756f5566b8e3ce6d172662a37ae7053d9d0838639e2ec5843ec8d5c9c05205dc6dd150eb4f91ecebefef6afefb370d869b

    Score
    1/10
    • Target

      Document.pdf/About/ExternalBoot.admx

    • Size

      2KB

    • MD5

      ada14c9e12ebb088628c86ada31184e6

    • SHA1

      a2578366538e3de9ea2c047372217a3ff3ff25fb

    • SHA256

      4bd2d8e664271482adfdb53411298577d2bb7c5cf18a6fff30fd8f40abb17ff4

    • SHA512

      147a0d77b2c8e66a97d22e62d15248fc93c0a82d8529628a9612c7aac7dc48ccb3ca8fda317ccc0372e0c9001e8cdf8fa8d12e47d84412df3ddee0b1bebbd93f

    Score
    1/10
    • Target

      Document.pdf/About/FileSys.admx

    • Size

      6KB

    • MD5

      499e7751b019078a8a997d67e8805686

    • SHA1

      8d3bc566a990569dcd87a4862f4ea74b5a8d7696

    • SHA256

      bc713bc684b0bdda9342da9fa7e36caf7f328f32915144c6eca49b674917df88

    • SHA512

      0ccb75c55eeddfaaaf658087904bfca12c520d542789527e1248785ead66bf9f3de8478b2661814f549c6ec0bf8ebaefa1ec250199b1a6e3ccf95f6f60637d12

    • SSDEEP

      192:sYl9Bi4JFLHTSRPTsOyA0VXAQsMAy5PVzRMS6l0TE:ztJFLHTSRPTsOylXgMf9zRMV2E

    Score
    1/10
    • Target

      Document.pdf/About/SkyDrive.admx

    • Size

      2KB

    • MD5

      a94642be85e83bd11fe2edc8ee57a052

    • SHA1

      cce07bcc7dbe8bfef8f9397c8b6e76b96ddc9aa9

    • SHA256

      da3489644a56924340c30ba06dca8d02ac68a772c1971ebeedfb07767ea6f1ee

    • SHA512

      cfe4f318b08c3924c51eb679541b3a8d8d36cb47ffb5ebd9d979d254c1cba8782dfd8757f748944967392608dcc1775fdf82b9324b03481314b1f661a085b733

    Score
    1/10
    • Target

      Document.pdf/About/WinCal.admx

    • Size

      1KB

    • MD5

      bede56a7aef6b3db49ab7d2eb3f2870a

    • SHA1

      bc18289b953a8ac6c0c8e519f72e6adee933ff98

    • SHA256

      1fc29fc668043aa03ffeb2d61868d3369479c3cef2c4725d162cf5344dcbdcfa

    • SHA512

      2bde0a5f1983b08379c262f86aadf8635834674981faf7feb3ebc39b12ece95b21203be82fde2fe88f6a662836374a7ac3d6fb8057d5273923259b3af206a3a6

    Score
    1/10
    • Target

      Document.pdf/About/WorkplaceJoin.admx

    • Size

      1KB

    • MD5

      4a94b4f104af2c09215eb52d7f84f748

    • SHA1

      5c414d468a0b571ca9fec00364dd4e2a185dbe92

    • SHA256

      5fabf5c534f78ce92bf7daa6d4ade2dd61002e689a8246928209bf38d7bf1bee

    • SHA512

      971a7f298fb6ece17bd9e02d636988960b4955ed8c6e44d271f4405e06268b65db6ce396caeeb41113ef2d220418c7c0bd48f3dc5852de76331eec0307516af4

    Score
    1/10
    • Target

      Document.pdf/About/en-US/ActiveXInstallService.adml

    • Size

      5KB

    • MD5

      46876b1e6c8ba1fbf3abc838ccf809b0

    • SHA1

      45ce70edd0ca87a5920d43385066087df134e30f

    • SHA256

      f49428cabb6f6671d95ef214133100c268d2ab04dbf0f095dd08b0105ed9d8a7

    • SHA512

      702c319b2d181753be99d99c3dff9f6c578934067c89a614e9e4b0a5da6a0fb3545a3ba4986e12e9da5de8c6af56780982d181a8d949a6e573af725e2505deca

    • SSDEEP

      48:cgeD5x8gm0fUsPXKn5o3OqALPLFS31U87GUkNAsGNuiYzXmoOX1mTXoWlIGe0FsC:LeD5pmKeC3G8SsuiYR1Pl7e0V4zZpBsV

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AddRemovePrograms.adml

    • Size

      10KB

    • MD5

      dfe20a0ca8674d6eaea280c139e2688a

    • SHA1

      97027b92d40f5029ff296a9ea3105b775b50c209

    • SHA256

      c97cd236f8be2b235685d3d16632482839208604db3f550f9524eafda33b9ca9

    • SHA512

      120c45bd17045b6f3d4a9295e1888d81ffa99ed0f1d146aa2eec387c1187eef8c718179771bc0cdbe01a37a487d933f55c92f6f37954f392f007cbfaa2aec877

    • SSDEEP

      192:Eyvs59wT2mCtKNSMRdMi4LBDZDHZEzT+ygx5LDkFdzj9nWyihWhqeGzpbeEKJ28m:ZvyiCDdyTO54zj9na8hqe6pbeEK5jq

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AppCompat.adml

    • Size

      9KB

    • MD5

      93c28840d18ed15af63308926f5aac66

    • SHA1

      5ed7a8056f1e8a68fea17c6ef81b695df8a3ea70

    • SHA256

      0ac43a8df0e8795968c0f9b6ecc6fbf620b761c128545ad689eec5dff21f5f1d

    • SHA512

      653b9905dc0bbde62f06efa1c613f4e4a0823331d31d396db0226fdb41a9ad4d148c1b5dabfa0ca64a74156f5ad446428f3344ffe75828a7c8225d3f0d214758

    • SSDEEP

      192:EsMVhCuGKXl6hIAtZUqxw66Utw0Uvk3EUN2X/TDcvEn:J/uX6GAjj6mcvk3EUN2XXcvQ

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AppXRuntime.adml

    • Size

      4KB

    • MD5

      bf19db2e91edefe517515ba23b30103e

    • SHA1

      324d98b315d7f8e096d8d61505610706d0c73856

    • SHA256

      42778994d23cdb74c446e70c30942991e89df6aacc1225aebb05464d69da6dec

    • SHA512

      9c193cd9597f90913643cdd2079e36930e60b6ab539d96ba0d5da7ea2b5dde0b78d7451d0a4ac37cbbb8a90c548285fbf640099eda949665e186586d893adb14

    • SSDEEP

      96:jJpm5IJUVaBfgHt6kNEmB+kClbNpbj03V:Xc3AIHF20F

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AppxPackageManager.adml

    • Size

      3KB

    • MD5

      b182f0b429a84d7e97c3d50eadf154a5

    • SHA1

      87dda04edcfe5e6c22f0224d9ee8375e0920b7f6

    • SHA256

      5cd8b222aecbdeac3df2de6b774af7e02988981136f6e5e9cd3d12735c6a6416

    • SHA512

      c42670fa053734c1b909fbb1ae189d4acf72b290679c1564d78276022bdf0afd279558c608f00953325e5aee47eb93df35c5afdbb29f698e5c8f808610db5055

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AttachmentManager.adml

    • Size

      9KB

    • MD5

      156adebca5cd43e0d849f921b26594c3

    • SHA1

      0dcda3a3c5cdb824d7fae9fd2d52638de6bac841

    • SHA256

      6974aebdcb65ab63decd224d3c060f0afca11e00c781657ead44f64073094bf8

    • SHA512

      32dc4890719aaebc7cb5a088ef7c4fd7a86207c36e76c0fa60584e3df0687c2df297cbf82750885bcd42542700bd0d14011d57d9ced9fc32e582f70061c68013

    • SSDEEP

      96:LeD5pmiPXXvXd0GkXgueX0dX0LhTW9jS+9FMDPaSPL9DVH60XZgn9ZE60Y2IHm0s:EZHvmQ/WXtyPHPLuV3HmEPdHK

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AuditSettings.adml

    • Size

      1KB

    • MD5

      71075fce08402095aeafbe57962a1f5b

    • SHA1

      f76fae255aa5454217fe973c4a8035ec9005b923

    • SHA256

      6928faad9624bbf4c74f6c138496a4c6ae8d04919c3de9591568300c1dd39e59

    • SHA512

      9df7480e584b16d1b504e2503b3c4c8422efc2fa37d9a4aceb8a7aea0561c0d73e8e73cb21fea20c6ec3bbbcb715c155efda7b8e38b7b448bcda5db10d773de4

    Score
    1/10
    • Target

      Document.pdf/About/en-US/AutoPlay.adml

    • Size

      4KB

    • MD5

      935c602dad3f4335bd16c269e66dbfaa

    • SHA1

      3df4dc6d55af20f0593d807fb4fdefb23cc3355a

    • SHA256

      8773998440c8d534fa69833174d05d09088f07e6e5c0e41d7c04a229c7903879

    • SHA512

      05abffc0ce836f7438bc711a9d2b5ceb8f3f1c48be2ac9c1a91d286aed6fc4c8d740ae802dcd2cc65d066972dc8daa84ad8a10fa775d66cb5f3de34688d975ec

    • SSDEEP

      96:LeD5pmCRsKp7RqiPKhB3a1jejcM64iVDJaqV:ELRRp74a1AbodJ7

    Score
    5/10
    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

16
T1112

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks