Resubmissions

21-02-2024 17:44

240221-wa41jsch62 8

21-02-2024 17:30

240221-v3eqpacb9w 8

General

  • Target

    https://geteasypdf.com/pdf/lp5?main=headline3&lower=headline3&utm_source=oh-gdn&utm_medium=153500824274&utm_campaign=17428010086&utm_term=npiprofile.com&utm_content=689508795359&gclid=EAIaIQobChMIsojp3ve8hAMVCqcAAB0pAgFCEAEYASAAEgJ85vD_BwE

  • Sample

    240221-v3eqpacb9w

Score
8/10

Targets

    • Target

      https://geteasypdf.com/pdf/lp5?main=headline3&lower=headline3&utm_source=oh-gdn&utm_medium=153500824274&utm_campaign=17428010086&utm_term=npiprofile.com&utm_content=689508795359&gclid=EAIaIQobChMIsojp3ve8hAMVCqcAAB0pAgFCEAEYASAAEgJ85vD_BwE

    Score
    8/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
