General

  • Target

    Original Shipping Documents_pdf.exe

  • Size

    248KB

  • Sample

    230508-ldly2aaa25

  • MD5

    82b1bafde162e92debdc5bd256c3a535

  • SHA1

    5c431b67d0004292a8b744d7c931a2928ece7f05

  • SHA256

    db18c2ea53e693b3fa16b5c6ca9512c359f657e2f0ea2cbd462ad17d99da2ce9

  • SHA512

    d1e7f94989dfd5175752c3f89ee83fdeb34a4f9835a660b3ef53969c6ae6a7efa564c13b802486fa0d0d083e6c53b2261a953eca111c1361fcfe61673c7b9f0e

  • SSDEEP

    6144:vYa660oTSp9Yxw/CQfi9Fq5q+GqS1U+kVg/4r3n:vY00oTE9YuxvGI+4r

Score
7/10
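
The hash set above is what an analyst uses to confirm that a file on hand is the same sample this report describes. The block below is an added example, not part of the sandbox output: it hashes a file (or bytes) once and compares every digest the report lists. The REPORT values are copied from the General section; the placeholder bytes in the demo are constructed and are not the real sample.

```python
"""Verify a local file against the hashes a sandbox report lists.

Added example for this report; it is not part of the sandbox output.
REPORT is copied from the General section above. The demo bytes used
when no path is given are constructed and are NOT the real sample.
"""
import hashlib
import io
import sys

# Indicators copied verbatim from the report.
REPORT = {
    "md5": "82b1bafde162e92debdc5bd256c3a535",
    "sha1": "5c431b67d0004292a8b744d7c931a2928ece7f05",
    "sha256": "db18c2ea53e693b3fa16b5c6ca9512c359f657e2f0ea2cbd462ad17d99da2ce9",
    "sha512": (
        "d1e7f94989dfd5175752c3f89ee83fdeb34a4f9835a660b3ef53969c6ae6a7ef"
        "a564c13b802486fa0d0d083e6c53b2261a953eca111c1361fcfe61673c7b9f0e"
    ),
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream, chunk_size=1 << 20):
    """Return {algorithm: hexdigest, "size": byte count} after one pass over the stream."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    out = {name: h.hexdigest() for name, h in hashers.items()}
    out["size"] = size
    return out


def digest_bytes(data):
    """Digest an in-memory byte string (used for the constructed demo input)."""
    return digest_stream(io.BytesIO(data))


def digest_file(path):
    """Digest a file from disk without loading it whole into memory."""
    with open(path, "rb") as f:
        return digest_stream(f)


def compare_to_report(digests, report=REPORT):
    """Compare computed digests with the report, algorithm by algorithm.

    Returns (verdict, details). The verdict is "match" only when every hash
    the report lists agrees; one disagreement means this is not the file the
    report describes. All listed hashes are checked rather than MD5 alone,
    because MD5 collisions are cheap to produce and an MD5-only match is weak.
    """
    details = {}
    for name in ALGORITHMS:
        if name in report:
            details[name] = digests[name].lower() == report[name].lower()
    verdict = "match" if details and all(details.values()) else "mismatch"
    return verdict, details


if __name__ == "__main__":
    if len(sys.argv) > 1:
        result = digest_file(sys.argv[1])
    else:
        # Constructed placeholder, not the sample: expect "mismatch".
        result = digest_bytes(b"constructed placeholder, not the sample")
    print(compare_to_report(result))
```

Run it as `python check_sample.py <file>`; a "match" verdict with every algorithm True confirms the file is the sample the report describes, and the reported size can be compared against the "size" field in the returned digests.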

Malware Config

Targets

    • Target

      Original Shipping Documents_pdf.exe (same file as in General above; size and hashes are listed there)

    Score
    7/10
    • Checks computer location settings

      Reads the country code configured in the registry, most likely a geofence: the sample decides whether to continue based on the machine's configured country. A sandbox left at its default locale may therefore see only this check and none of the later behaviour.

    • Loads dropped DLL

      A DLL that the sample itself wrote to disk during the run was loaded into a process.

    • Suspicious use of SetThreadContext

      Rewriting another thread's register context is a common step in process hollowing and other code-injection techniques.

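The geofence signature above says only that the sample reads the configured country code from the registry; it does not say which value is read or which countries the sample avoids. The block below is an added example, not code recovered from the sample: it emulates such a check using the standard Windows locations for the configured country (HKCU\Control Panel\International\Geo\Nation and HKCU\Control Panel\International\LocaleName, an assumption about what the sample reads), takes a placeholder block list, and accepts an injected registry reader so the logic can be exercised against a constructed registry snapshot on any platform.

```python
"""Emulate a registry-based country (geofence) check of the kind the sandbox flagged.

Added example for this report, not code recovered from the sample. The report
only states that the sample reads the configured country code from the registry.
The registry locations below are standard Windows values (assumption: the sample
may read any of them); the blocked-country set passed in is a placeholder.
"""
import sys

# Standard Windows locale locations under HKEY_CURRENT_USER (assumption that the sample uses these).
GEO_NATION_KEY = r"Control Panel\International\Geo"   # value "Nation" holds the GeoID, e.g. "244"
LOCALE_KEY = r"Control Panel\International"           # value "LocaleName" holds e.g. "en-US"

# Partial GeoID -> ISO country table; only the entries needed here (assumption, not exhaustive).
GEOID_TO_ISO = {"244": "US", "203": "RU"}


def read_registry_value(subkey, value):
    """Read a value from HKEY_CURRENT_USER; None when absent or when not running on Windows."""
    if sys.platform != "win32":
        return None
    import winreg
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, subkey) as key:
            data, _type = winreg.QueryValueEx(key, value)
            return str(data)
    except OSError:
        return None


def configured_country(reader=read_registry_value):
    """Resolve the configured ISO country: Geo\\Nation first, then the LocaleName suffix."""
    geoid = reader(GEO_NATION_KEY, "Nation")
    if geoid is not None and str(geoid) in GEOID_TO_ISO:
        return GEOID_TO_ISO[str(geoid)]
    locale = reader(LOCALE_KEY, "LocaleName")
    if locale and "-" in locale:
        return locale.rsplit("-", 1)[1].upper()
    return None


def geofence_allows_execution(blocked, reader=read_registry_value):
    """Return True when the country check would let the payload continue.

    An unresolvable country is treated as "continue" here; that is an assumption
    about typical behaviour, not something the report states about this sample.
    """
    country = configured_country(reader)
    if country is None:
        return True
    return country not in blocked


def make_fake_reader(values):
    """Build a reader over a constructed registry snapshot: {(subkey, value_name): data}."""
    return lambda subkey, value: values.get((subkey, value))


if __name__ == "__main__":
    # Constructed snapshot of a machine configured for Russia (GeoID 203).
    snapshot = make_fake_reader({(GEO_NATION_KEY, "Nation"): "203"})
    print("country:", configured_country(snapshot))
    print("would run with RU blocked:", geofence_allows_execution({"RU"}, snapshot))
```

The practical use of this emulation is sandbox tuning: if a sample is suspected of geofencing, set Geo\Nation and LocaleName in the analysis VM to the locale the lure targets and re-run it, since a default-locale VM may only ever reach the check itself.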
MITRE ATT&CK Enterprise v6

Tasks