Resubmissions

08-07-2023 17:02

230708-vkemzafh27 8

08-07-2023 16:53

230708-vd57cagg21 8

General

  • Target: Latex-Split-Table-Column.zip
  • Size: 3.2MB
  • Sample: 230708-vkemzafh27
  • MD5: 8bdbc9a84f886a320882c996231a19f7
  • SHA1: d8a389095daeda3cd0bd1af3e135f2cc49dc95c5
  • SHA256: f81565af7104b058df585fd627ac4c61a86e947632d04838a533b0e00907902b
  • SHA512: 0ffde290d14aa4d65a091c8ce2141fc1fae0bc1c5ae87a6a656a9901ef670df381c84329a194554dc9710d9272934dabd665fed5123597790824db13f24db3a8
  • SSDEEP: 24576:O2re0AJmrn0VltLLickRpg2UoPoypLrX1BjC6MJwFpm+:OACcr0tLLickRpg2UE9pXfC6YwFpR

Score
8/10

Malware Config

Targets

    • Target: Latex-Split-Table-Column.exe
    • Size: 300.4MB
    • MD5: eff4dee32ca0f188b0f6ebe24799a489
    • SHA1: d3980fba6bf04a63567954fa7ce8b645fc20367c
    • SHA256: 278ec8f7a0cd969ebb84e72f60f19bb6f6fd6f7268ebe68245c46e6de2a43cf1
    • SHA512: d6665b744541124d5172348a3b035f14e06594a6a5e0655e69053189a9e5f801774d8580ca06dbf322e1ab698c77f94fa94fa4b4ee150f80981bbac429bf9650
    • SSDEEP: 49152:2OM9NlsVy2qjNdgk84444444444444444444444444444444444444444444444S:2f

    Score
    8/10
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE
