359b4763b3dc0aade32b5c9d84a6b19005d9bb35e1de4228ba111eb80dfd52cb

Analysis

max time kernel
101s
max time network
31s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
04-07-2023 11:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe
Size

1.1MB
MD5

a06fab45376cac518cbbb72b9d042bfc
SHA1

781932a6ecdf371873bc902485f7a3bbc490ea8d
SHA256

359b4763b3dc0aade32b5c9d84a6b19005d9bb35e1de4228ba111eb80dfd52cb
SHA512

d77b362dabbb7abde24e7b86afa0e2a053eb325be2f7bb0baa6fc510771a3578d945ce3b939d9795cb6ae517238aa7739231d2045d23ea4f5aa851b7f9fa504c
SSDEEP

12288:LLRLMTk+FtLCgTIloDNiXfHm3R2QWVjBwHb+i2CKsPm9gEwX8Aq3G2V:LZYkOVI2MfHm3R2abwse9gxq7

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
276	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe

Drops file in Program Files directory 3 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Common Files\Outraught\Bijouteriernes\Salgsargument.Jeb	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe
File opened for modification	C:\Program Files (x86)\Common Files\Bedsides\Damnonii\Rebellerede.ini	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe
File opened for modification	C:\Program Files (x86)\Common Files\Misery\Nonaculeated\Sammensyedes.Ser	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe

Drops file in Windows directory 2 IoCs

description	ioc	Process
File created	C:\Windows\resources\Thecaspore\Mulches\Occas\Communisteries.lnk	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe
File opened for modification	C:\Windows\Pastler\Contrariness.Not	Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe
"C:\Users\Admin\AppData\Local\Temp\Ajánlatkérés (Budapesti Corvinus Egyetem 2303EU-04HU)·pdf.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
PID:276

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\nspA8FE.tmp\System.dll

Filesize
11KB

MD5
75ed96254fbf894e42058062b4b4f0d1

SHA1
996503f1383b49021eb3427bc28d13b5bbd11977

SHA256
a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7

SHA512
58174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4

Download Submit