Resubmissions

  • 06/05/2023, 12:52    230506-p4gzjshb98    score 8

  • 06/05/2023, 09:54    230506-lxk6vaba3w    score 8

General

  • Target

    67d69969ba6057fc96367bfa7f9cf1c9e1f9f36b6f2663b1b676570bf811f92e.zip

  • Size

    219KB

  • Sample

    230506-p4gzjshb98

  • MD5

    31a3bfe178df4e915564b53a78321f60

  • SHA1

    4a7c62894a5a790d4f246b64cdfc527bed563380

  • SHA256

    ea84ace5aae2f710cac2811d65f2bd7af435fb0698417c2eb5a15a6513c6897e

  • SHA512

    a4377f68e57e7a35350fea6aa3a6a74b70d92c13115f764119003176629aaf2ccbd0ee7ef76a434e5728e2dd4471532a20c8e0d1f68fadc6cf6b12532f5cd765

  • SSDEEP

    6144:QZSMoZ6DuPSJE6MbcLkixpb/YTXKJltoBMcibEhWBi:QS4DySJdo+sXKJltoBfB

Score
8/10

Malware Config

Targets

    • Target

      67d69969ba6057fc96367bfa7f9cf1c9e1f9f36b6f2663b1b676570bf811f92e.pdf

    • Size

      263KB

    • MD5

      bd661569eb80bec7b02e1f39409a2aeb

    • SHA1

      ede22d7642e41372609fa9d3c363567a42c28b10

    • SHA256

      67d69969ba6057fc96367bfa7f9cf1c9e1f9f36b6f2663b1b676570bf811f92e

    • SHA512

      eaeaff9fed0d780c1cf2dd5f759c17159c40353d5acc0e8975b65c740295084b1c0474ffd825a0b737107055d666e0fa82eaf562744a146823a0634baea8080f

    • SSDEEP

      6144:MUv3/VG/Tf++jIVnDggY8FxINArQ31Uox3PL:MU3sGi5hNA0FUoVL

    Score
    8/10

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks