52cde2b88aa65fd327813294d67dc3cc10ffaa1774acc0c7a5d40de397de2871 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023.07.03.PDF.exe
Size

237KB
Sample

230711-qvba3shc78
MD5

63e262e8558681251d45c52633df9d0a
SHA1

40d3a682020a6f66bcaa1a753657793bad935489
SHA256

52cde2b88aa65fd327813294d67dc3cc10ffaa1774acc0c7a5d40de397de2871
SHA512

ddfc370c8a00d2b058ca6db75431c5fb2aa5320d14878b68225f863cd1a9cd24ad86a906c5fcc43fc07c46484e9b4bad14daeaafbf02474adce8fb2259680f5e
SSDEEP

6144:eZvatN/T/14Y5ecPKKCRJGOjW/nv7tBO1Fic:eZytN/T/WY5KKCDGOyv7jOWc

Score

7^/10

Malware Config

Targets

- Target
  
  2023.07.03.PDF.exe
- Size
  
  237KB
- MD5
  
  63e262e8558681251d45c52633df9d0a
- SHA1
  
  40d3a682020a6f66bcaa1a753657793bad935489
- SHA256
  
  52cde2b88aa65fd327813294d67dc3cc10ffaa1774acc0c7a5d40de397de2871
- SHA512
  
  ddfc370c8a00d2b058ca6db75431c5fb2aa5320d14878b68225f863cd1a9cd24ad86a906c5fcc43fc07c46484e9b4bad14daeaafbf02474adce8fb2259680f5e
- SSDEEP
  
  6144:eZvatN/T/14Y5ecPKKCRJGOjW/nv7tBO1Fic:eZytN/T/WY5KKCDGOyv7jOWc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2