31ee2815e79bcd0d8b1f1df1a6d16a6cce1638d64c6511ef222814c5b11548cb | Triage

Sharing

General

Target

Ziraat 637-78227_61517.pdf.exe
Size

559KB
Sample

221026-qvnw6sfhdl
MD5

1812d22f00d732b8b74d1593ba04036c
SHA1

f94ea838c1e01e5f4053541d6dfe6caf13163067
SHA256

31ee2815e79bcd0d8b1f1df1a6d16a6cce1638d64c6511ef222814c5b11548cb
SHA512

df947c38b8226b83fbca47948d8db803e8c93a5acbc6a715e532590de52045b485df0eb8bf100797f1eb7102726924217cdbe753cceb9bcd82409a3c6c4e95a7
SSDEEP

12288:6YfpOKFD3LzxzqHY0yvl+/gSkWiH6JahOl5bzpRfmbjAm:6Yfph3L1zyY0ulwaW5f0Am

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Ziraat 637-78227_61517.pdf.exe
- Size
  
  559KB
- MD5
  
  1812d22f00d732b8b74d1593ba04036c
- SHA1
  
  f94ea838c1e01e5f4053541d6dfe6caf13163067
- SHA256
  
  31ee2815e79bcd0d8b1f1df1a6d16a6cce1638d64c6511ef222814c5b11548cb
- SHA512
  
  df947c38b8226b83fbca47948d8db803e8c93a5acbc6a715e532590de52045b485df0eb8bf100797f1eb7102726924217cdbe753cceb9bcd82409a3c6c4e95a7
- SSDEEP
  
  12288:6YfpOKFD3LzxzqHY0yvl+/gSkWiH6JahOl5bzpRfmbjAm:6Yfph3L1zyY0ulwaW5f0Am
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2