5f51080373a56005fe4c9395d9b02590ce9b7bf44db0d3d81a9d10cdb8399721 | Triage

Sharing

General

Target

Venture Purchase Order for September pdf.gz
Size

34KB
Sample

231012-mtjz2sdh7t
MD5

46ba0e096e53f62efba80611004e75ca
SHA1

8d5db93db963c78f6898b3384f5caa05e3bec35e
SHA256

5f51080373a56005fe4c9395d9b02590ce9b7bf44db0d3d81a9d10cdb8399721
SHA512

33d5b88cc4458b509285bf6746e6627ecdeffa81d8f716526b74d67b54d8c406915b2d8020513395b316da3408a4ac8e0a29e3d302206337b19f929be1f5dd24
SSDEEP

768:KMotII93kKyDUFNphYSQTSj342Bm0yx6Dxv7hBbSLKwh3Ke:5oGMiKNktSex6Fv7hBbSOwh3X

Score

8^/10

Malware Config

Targets

- Target
  
  Venture Purchase Order for September pdf.vbs
- Size
  
  123KB
- MD5
  
  9d85f625ce35d57150a6f0869020e668
- SHA1
  
  d4e8cecedd6ad08e1d200dfcfb5b66f2cdbc0f1a
- SHA256
  
  3d5e1bb54425819b844314a4f399182902493ca33f0ca2a0988033c6b082c38b
- SHA512
  
  85d2340ce5aab82ef89408f2fdd4315cfe022ea0c699bb6d091ee0a073924bc1272a8d5ab74cc09ed175f8ce3ec1fe0ea7a02ac2bb790f071595b11d61c48774
- SSDEEP
  
  1536:svLTz2WMydDur5kYDbJXGfIgCDP1lrCoupi7:A/RurmYJXxgaDrB7
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2