ec01c971910cefaf107cd44a7d4c7e68d6e1659ee24c60340c505511d37104b3 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

2023_Annua...df.lnk

windows7-x64

3

2023_Annua...df.lnk

windows10-1703-x64

8

2023_Annua...df.lnk

windows10-2004-x64

8

2023_Annua...df.lnk

windows11-21h2-x64

8

Sharing

General

Target

506a64c619580bc91a51bde3a3c3f5aced3ed1106413ac11a721c56817b04573.7z
Size

35KB
Sample

231223-1kwt5shcfr
MD5

f2ea3d4b06e447ca5b44df6ba8cd4a9a
SHA1

07df3200e1a7edaebfa44031dfc375eac3374809
SHA256

ec01c971910cefaf107cd44a7d4c7e68d6e1659ee24c60340c505511d37104b3
SHA512

5ab9ca3329a3b8711f7ade585bbde76b30f74cedc30f501c287b11d732866f45f12865677af4b088cdcb679ab2520bfe469e2f1661484d29cb67f85fdf13e552
SSDEEP

768:18/fNqFe5GVTagDORFAPa/CCwN39MWhW1kKLxZp/J485ATb:18/FqFWNxbQHwxZpW85ATb

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

2023_Annual_Report.pdf.lnk

Resource

win7-20231215-en

windows7-x64

4 signatures

1800 seconds

Behavioral task

behavioral2

Sample

2023_Annual_Report.pdf.lnk

Resource

win10-20231215-en

windows10-1703-x64

12 signatures

1800 seconds

Behavioral task

behavioral3

Sample

2023_Annual_Report.pdf.lnk

Resource

win10v2004-20231215-en

windows10-2004-x64

13 signatures

1800 seconds

Behavioral task

behavioral4

Sample

2023_Annual_Report.pdf.lnk

Resource

win11-20231215-en

windows11-21h2-x64

12 signatures

1800 seconds

Malware Config

Targets

- Target
  
  2023_Annual_Report.pdf.lnk
- Size
  
  55KB
- MD5
  
  bbc4414d76d1a765f3d525556f616ef9
- SHA1
  
  c73e28d87fbbc8be79ed1d421e78a41c29111a86
- SHA256
  
  86f504dea07fd952253904c468d83d9014a290e1ff5f2d103059638e07d14b09
- SHA512
  
  2a7204e361ace1c5c03bc240b985d09cc1f1e67dce025dca5ac9d450bc7193e456d3602ab557abd9bd7ec4d96815e41df06cdce9359379b32c0e777aa9d54be7
- SSDEEP
  
  768:NLoFJQeDHeGYyhA5Z7JsCVResXebqwVCYm7/k/m7RU6d/dwiuGIjsZL2RxcNRyxc:NLBWYX5Z7JsCVCbqECB7cOm0OoxUURV
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy