95656ae396e3ecd2abeb957fab2e76df1af92b08bdb20d7b8a7d7f327100ef39 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

PDF_Archiv...zk.exe

windows10-2004-x64

6

Resubmissions

15-03-2023 05:44

230315-ge8f7sbg62 6

15-03-2023 00:20

230315-am19jaaf39 6

14-03-2023 05:55

230314-gmnf1afh4v 3

Sharing

General

Target

PDF_Archivo_DocumtoYCNCFQUFIICMOHQgyezk.zip
Size

3.6MB
Sample

230315-ge8f7sbg62
MD5

94ede65f96a55007e1ade72b8d40ff2e
SHA1

f5841f27a1a32c04309048936b005f670fb7f007
SHA256

95656ae396e3ecd2abeb957fab2e76df1af92b08bdb20d7b8a7d7f327100ef39
SHA512

0158312a73ef5d79f6dbd2d272b27861f5dc1588f6ff9b61d91d3ea6bc955793905801a4eabeab80cca8188a5b2eef253b23e75ca13d68b6dd3fbaab3c737e3f
SSDEEP

98304:gVKlMNZldvVYL43KbdkBbXDsAeZFxkOyg2w:gUYZYecmBbyZFxZyfw

Score

6^/10

Static task

static1

Behavioral task

behavioral1

Sample

PDF_Archivo_DocumtoYCNCFQUFIICMOHQgyezk.exe

Resource

win10v2004-20230220-es

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  PDF_Archivo_DocumtoYCNCFQUFIICMOHQgyezk.exe
- Size
  
  313.5MB
- MD5
  
  07f42c9c9094240d7fdc4e58ce7eeffd
- SHA1
  
  e6e291b5c9d8eaf6ccaadbbb2ad2092750a38584
- SHA256
  
  d524e75f3fd6aa2f59b335384a029e1cfff62def68bcf7cf9d7cd9d39ff704df
- SHA512
  
  c73a971a0aea6029a2b1a95fe2033017f5b0df183d3ad92b902055871e82093d2a0f873ccd7e9cc59bb64ad5cc09d4a0415f6eebc3d03a6d12b991b484a122bd
- SSDEEP
  
  49152:P7WDb5p9VUKuGTrSbMEqxmm1jjV5zKSUKFHK7VKM+PIMUoEWLX6j6HNaVIT6TL1Q:P7WnXJL1nPWRVx+PIOHNq1cpJQ
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy