221b11a9ca29581978c794f1ad4bad6865407194d8b9351e1d26a553fd541bf4 | Triage

Submit
Reports

Overview

overview

8

Static

static

4

[email protected]

windows10-2004-x64

1

[email protected]...��.exe

windows10-2004-x64

8

Sharing

General

Target

001f329a99a84175ebadb671170482baeef0338807e93f399825381e58807f37.7z
Size

13.3MB
Sample

221026-be39laecg2
MD5

14e12bdc824317a89657ed6f3e931f9a
SHA1

d5a19fedf073eec59d13012f60343cc0df2f0456
SHA256

221b11a9ca29581978c794f1ad4bad6865407194d8b9351e1d26a553fd541bf4
SHA512

f7d3a11cbba44a89310701e737fc77aadef5c94ea03bde03021199919f0f4a8b6fa48bb60d8d3d478f0f2052fe489766e663beaf9a8f5b3a586cb394b416039a
SSDEEP

393216:+zIFyhpdzbnV4XOnuMsBk3QiEL4uK9IXov3:+zIEhPVbuMBC4nIM

Score

8^/10

link pdf upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

[email protected]/BMP-13.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

600 seconds

Behavioral task

behavioral2

Sample

[email protected]/ПРОГРАММА ДЛЯ РЕГИСТРАЦИИ ПРИВИТЫХ В ФЕДЕРАЛЬН�.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  [email protected]/BMP-13.pdf
- Size
  
  3.9MB
- MD5
  
  5f5ecad862ffc50f20988a528f56937b
- SHA1
  
  b1b0ef49bf9e490662c9f42930174b1db455b658
- SHA256
  
  c81ef8dcabda564354203125dc5681ea9a7b4167feec2ce2842f01d161746e1a
- SHA512
  
  f70cbeea8b9ebf91f883cde36d374fcb55d1d2620acc82232582e27dd6d136685a917a9530569bd7f6498d3ad40908715677b6ab174165132da4e7192e270793
- SSDEEP
  
  49152:tt1giIRVI5h9eDaUW5EPGtNZyzJiQ6UyMWszz0v/u62ENytXSzOWpa:tkfVeeGqPGtKtiQ6U/Wn/uQNyvWpa
Score

1^/10
behavioral1
- Target
  
  [email protected]/ПРОГРАММА ДЛЯ РЕГИСТРАЦИИ ПРИВИТЫХ В ФЕДЕРАЛЬНОМ РЕГИСТРЕ ВАКЦИНИРОВАННЫХ.exe
- Size
  
  8.2MB
- MD5
  
  8b7fdb80ea30a675d776ee3c6a2b5062
- SHA1
  
  763b7358672ff8b8d7b3428faf4fedb3ad2caaad
- SHA256
  
  1ce18f816875dae22ff0e038c9792d28ea649f119428a6b7e5af47e080f1dddd
- SHA512
  
  46f8b2f046bf4166dfcd326ddf741f8bcd43fa78ef11af16f6040486f2ce5cd9c632d71d2746d8854e0c1b9d809a09dea557f8e7d4709344026b71fe9af8b06c
- SSDEEP
  
  196608:egpFdSD4wJsrfJkVisvKWnVvJQxlNM6z+eQVgNuIQHmQqrRNLTswV:7eEwJji0VWDNM9eOgNVQHmQeRNLTs+
Score

8^/10

upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy