General
-
Target
Doc MT103 _pdf.exe
-
Size
413KB
-
Sample
221126-p4nr4adg78
-
MD5
062d6076b8f69168885f0cb4e1e22c60
-
SHA1
04a40a90fa3e7d9d7387631d9cdbd1cb65fb449c
-
SHA256
2f3e1bb8cbed038a582daa46b4ed9c387f01b8df5e9746364a9dd75ed3eb2b68
-
SHA512
b8218934c9eb53bf0de44d30228708ebb3f0d87af7b82fc362d003822e5a9298734ffd863143c54e6cd4b142f22f79aea06c72fb9ff5626f44a98d655b8e44df
-
SSDEEP
12288:Hd0OzAvfhYmXDAK6c+FodIh1FpgvxTuafi:9b8vJDiba9pK
Static task
static1
Behavioral task
behavioral1
Sample
Doc MT103 _pdf.exe
Resource
win7-20221111-en
Malware Config
Extracted
formbook
6m92
8499q.xyz
Targets
-
-
Target
Doc MT103 _pdf.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-