General
-
Target
Estratto_conto_commissioni_WU_Estratto_conto_commissioni_WU.pdf.exe
-
Size
1.4MB
-
Sample
220927-pt2wzaeehm
-
MD5
0ceacf7dc64290934eff76d8c75a7d9c
-
SHA1
db45b1842c6735d25f5104aff70db231bc0aad34
-
SHA256
ae6e498c8c5441ea32f11e33f00a73446a429aa601c2eccefbc4c40561481a2c
-
SHA512
4a5e8f4b42dc19eaa903e674a2ec214c901b650d44f4dfdb0ad3783383e0d6bb6540c4278654af0e510b4ce0db755b5f1235afce0622b95944b358ceb154b76c
-
SSDEEP
24576:eHLmCiIhVQxLW4iA/IG7+VtqdGXIyO3ZfsRIIukjdPoRd5ZdQx:z5/pwydGmGuIu0oRd5m
Static task
static1
Behavioral task
behavioral1
Sample
Estratto_conto_commissioni_WU_Estratto_conto_commissioni_WU.pdf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Estratto_conto_commissioni_WU_Estratto_conto_commissioni_WU.pdf.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Estratto_conto_commissioni_WU_Estratto_conto_commissioni_WU.pdf.exe
-
Score
8/10
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-