aa8d4070795a05587fc8ad7dcbe4762a7f48e1bda165dbe12ccbe72412784757 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

swift_bank kopyası.pdf.exe
Size

621KB
Sample

230515-mfdwwafg66
MD5

f2975de2245613c69f1ec66b467abafe
SHA1

f42a25424c0bc227a6d4e26f477e6eaa5ed3250d
SHA256

aa8d4070795a05587fc8ad7dcbe4762a7f48e1bda165dbe12ccbe72412784757
SHA512

baa385c05cc5d265be97fccadcd69aa88ce5552b57f3d8eb590647e00c1df732a9782f8b66c6164a6e5f7b2c7690ca2273ca4cc92c3cb0ebab6429eb9d5363f7
SSDEEP

12288:bNj5Ayg3SOVTfpCmzKRWDx6dzv8DOkDjrXci86w4hVcASzQ9UxkrcxP:b3e33lMWujaMiZGAqxA

Score

7^/10

Malware Config

Targets

- Target
  
  swift_bank kopyası.pdf.exe
- Size
  
  621KB
- MD5
  
  f2975de2245613c69f1ec66b467abafe
- SHA1
  
  f42a25424c0bc227a6d4e26f477e6eaa5ed3250d
- SHA256
  
  aa8d4070795a05587fc8ad7dcbe4762a7f48e1bda165dbe12ccbe72412784757
- SHA512
  
  baa385c05cc5d265be97fccadcd69aa88ce5552b57f3d8eb590647e00c1df732a9782f8b66c6164a6e5f7b2c7690ca2273ca4cc92c3cb0ebab6429eb9d5363f7
- SSDEEP
  
  12288:bNj5Ayg3SOVTfpCmzKRWDx6dzv8DOkDjrXci86w4hVcASzQ9UxkrcxP:b3e33lMWujaMiZGAqxA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2