General

  • Target

    P608297_2807_110411_jusificantes.PDF.exe

  • Size

    360KB

  • Sample

    231013-z9fzjsda29

  • MD5

    d578bde56a9d1131efbf2629041960f5

  • SHA1

    d7f0ba43a9c9b50db7efcd384646926841bb6c38

  • SHA256

    9849e7217530267aa3ee1f84b0fbca828a72c296cd1db7c43fa8fe7f319b54eb

  • SHA512

    a949ed9a409bdcf6926e78397bbd6b84cd7a54788a2da3b09f8aad00b6e728e4718e1821c34d008e02685e2895f303cc77506ae6966facc32b9bf70fc06bc41c

  • SSDEEP

    6144:PYa6/Ja/LYizQFpati5GRoItggeyMI0AJ6OO/ATGL50kY8no/kzIEcHY2OZr:PYNaYicpG5X0Y6xAKL5vY8NcHm

Score
7/10

Malware Config

Targets

    • Target

      P608297_2807_110411_jusificantes.PDF.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether the payload runs in the victim's region.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

      Rewriting another thread's context is the characteristic step of process hollowing: a process is started suspended, its image is replaced in memory, the entry point is redirected, and the thread is resumed.
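The two behaviours above are what a sandbox signature engine flags from the API trace. As an added example (not code from the report or from the sandbox that produced it), the script below runs that detection logic over a constructed trace: it looks for reads of the registry values that hold the configured country (the standard Windows paths under HKCU\Control Panel\International are an assumption; the report only says "the registry") and for the suspended-CreateProcess, write, SetThreadContext, ResumeThread sequence behind the SetThreadContext signature. The trace format, the PIDs and the file paths are all constructed for the example.

```python
from dataclasses import dataclass, field

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess

# Registry values holding the configured country/region. These are the standard
# Windows locations (assumed here; the report only says "the registry").
GEO_VALUE_PATHS = (
    r"HKCU\Control Panel\International\Geo\Nation",   # GeoID, e.g. 244 = United States
    r"HKCU\Control Panel\International\Geo\Name",     # ISO 3166 code, e.g. US
    r"HKCU\Control Panel\International\sCountry",     # localized country name
)

# Process-hollowing stages after a suspended CreateProcess, in the order they must appear.
HOLLOW_STAGES = (
    {"WriteProcessMemory", "NtWriteVirtualMemory", "NtMapViewOfSection"},
    {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"},
    {"ResumeThread", "NtResumeThread"},
)


@dataclass
class ApiCall:
    pid: int          # calling process
    api: str          # API name as a sandbox hook would log it
    args: dict = field(default_factory=dict)


def find_geofence_lookups(trace):
    """Return (pid, registry path, value read) for every read of a country/region value."""
    hits = []
    for call in trace:
        if not (call.api.startswith("RegQueryValueEx") or call.api == "NtQueryValueKey"):
            continue
        path = call.args.get("key", "")
        if any(path.lower() == p.lower() for p in GEO_VALUE_PATHS):
            hits.append((call.pid, path, call.args.get("value")))
    return hits


def find_process_hollowing(trace):
    """Return child PIDs that were created suspended, written to, had a thread
    context set and were then resumed, all by the same parent, in that order."""
    progress = {}   # child pid -> (parent pid, index of next expected stage)
    for call in trace:
        if call.api in ("CreateProcessA", "CreateProcessW", "CreateProcessInternalW"):
            if call.args.get("flags", 0) & CREATE_SUSPENDED:
                progress[call.args["child_pid"]] = (call.pid, 0)
            continue
        child = call.args.get("target_pid")
        if child not in progress:
            continue
        parent, stage = progress[child]
        if call.pid == parent and stage < len(HOLLOW_STAGES) and call.api in HOLLOW_STAGES[stage]:
            progress[child] = (parent, stage + 1)
    return sorted(pid for pid, (_, stage) in progress.items() if stage == len(HOLLOW_STAGES))


def triage(trace):
    """Summarise both behaviours the way a signature engine would."""
    geo = find_geofence_lookups(trace)
    hollow = find_process_hollowing(trace)
    return {
        "checks_location": bool(geo),
        "geo_values": geo,
        "suspicious_setthreadcontext": bool(hollow),
        "hollowed_pids": hollow,
    }


# Constructed trace, not from the sandbox report: a dropper (pid 1000) reads the
# GeoID, starts a suspended child, overwrites it and resumes it; it also starts a
# second child normally, which must not be flagged.
SAMPLE_TRACE = [
    ApiCall(1000, "RegOpenKeyExW", {"key": r"HKCU\Control Panel\International\Geo"}),
    ApiCall(1000, "RegQueryValueExW", {"key": r"HKCU\Control Panel\International\Geo\Nation", "value": "244"}),
    ApiCall(1000, "CreateProcessW", {"image": r"C:\Users\Admin\AppData\Local\Temp\host.exe",
                                     "flags": CREATE_SUSPENDED, "child_pid": 1200}),
    ApiCall(1000, "NtUnmapViewOfSection", {"target_pid": 1200}),
    ApiCall(1000, "WriteProcessMemory", {"target_pid": 1200, "address": 0x400000, "size": 0x2A000}),
    ApiCall(1000, "SetThreadContext", {"target_pid": 1200}),
    ApiCall(1000, "ResumeThread", {"target_pid": 1200}),
    ApiCall(1000, "CreateProcessW", {"image": r"C:\Windows\System32\notepad.exe", "flags": 0, "child_pid": 1300}),
    ApiCall(1000, "ResumeThread", {"target_pid": 1300}),
]

if __name__ == "__main__":
    print(triage(SAMPLE_TRACE))
```

The stage check is deliberately order-sensitive and parent-bound: a child that is resumed before anything is written to it, or whose context is set by a different process, does not complete the chain, which keeps debuggers and ordinary suspended launches out of the result. Seeing the GeoID read is evidence of the lookup only; what the sample does with the value (abort, or continue) has to come from the rest of the trace.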

MITRE ATT&CK Enterprise v15

Tasks