General
-
Target
Adobe.Acrobat.Pro.DC.v2021.001.20135.exe
-
Size
528.3MB
-
Sample
230322-c9sa9aee39
-
MD5
09b175cc20f71f078778341e8cd48d3e
-
SHA1
68c54bed51fd40c988515cb513cf264a7166c36e
-
SHA256
4255c508b4b857cd52ad55c6aa10bef03c5b4136d4eaae4b8c487b33df0cad3a
-
SHA512
2e17149b814b7de16eaadaec8618fe342732e9723c2b51bbd0f1981eabcd98b350ff52c763dce4c5e3c19a78d377fd05fe1b041535c3aa6e61e771a4ce3b0192
-
SSDEEP
12582912:5hWCN8tGMrRWf+2Ny/3EUha/zOID8xPvE7fZeZ7DoAVhC:5oc80Mr/2y/0UwbOID2MkZnoohC
Static task
static1
Behavioral task
behavioral1
Sample
Adobe.Acrobat.Pro.DC.v2021.001.20135.exe
Resource
win10v2004-20230220-es
Malware Config
Targets
-
-
Target
Adobe.Acrobat.Pro.DC.v2021.001.20135.exe
-
Score
8/10
-
Blocklisted process makes network request
-
Modifies Windows Firewall
-
Registers new Print Monitor
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-