c2071407cf960fa166ac47d86f4a92b64873cd8c37a4ea416e80488c5f327c8f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PERSPICIATISM.iso
Size

166KB
Sample

240306-xfr4lsfe26
MD5

75ea2aa8c2a3503ed39fd807de9fe0a3
SHA1

09554bdd6197cb848ce2bb69cd353c1d34bafc2c
SHA256

c2071407cf960fa166ac47d86f4a92b64873cd8c37a4ea416e80488c5f327c8f
SHA512

c4ffc40425e4d5903a62cb6beb76a239393b4525437f01a2e67e7e1992c206bfb3ec4332b667146515f9a6ed3f6c6e442cc13d68c4fac9049516eca246078d8a
SSDEEP

1536:ebnS9bCgj6dJEkgOzOk3+oLGzFjO8n2dtkosu31M:9EDzPJL2mX

Score

7^/10

Malware Config

Targets

- Target
  
  Open_Document.exe
- Size
  
  11KB
- MD5
  
  b947cca7f485f6c1156f4d02e8c9874f
- SHA1
  
  9f184e48f17f104c6a476687e8e760a65a0326b5
- SHA256
  
  a70d52eda892edc073932b462cc367cdbfbace3f4196857d8d4fa869a13de792
- SHA512
  
  28c6ff32bc94aad8b201e469f854dde32cad9eb2e7a80ed858ac2ff99648312cecca06918bce96e8d905d52d5ebee076bd08d957f7933602c0c79d93ead20ee3
- SSDEEP
  
  192:ZV89t7hglDCS8O3GbXdYFWihWxu/sWGOW:ZVM7hceSP3IXioxu/sWGOW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  data/document.rtf
- Size
  
  3KB
- MD5
  
  b165a780f5d3061dceb7baee37c44a50
- SHA1
  
  333492656052c9716efdeee553c5a17c6cbc91d2
- SHA256
  
  66bcb4ff2b542638fad440578934d815d2aa17242e623055d775a5017e9094a4
- SHA512
  
  763acc988dd3a43a2e3b106b264a53b020404c7776b0a33f3ef0c6b5a26b7945597a7b530e6e1b8ad185a4dd956db8300dd0602971885d7e635d56384a569c95
Score

4^/10
behavioral2 behavioral3
- Target
  
  edputil.dll
- Size
  
  95KB
- MD5
  
  4b46474e51d8687190e4e539b6691f9a
- SHA1
  
  7f32b12ba975205e29b113a000dc87758e5deaf2
- SHA256
  
  905a3a144f94a38ac6059759879caec19cff446b98c24bb2035b3293330e03b2
- SHA512
  
  85eafcdbdffc2ca88f89a7078664dfbd00356f1dc7d1de1848ec5c7e162748132834b8d59f0df658eb31a8640494ef8c309b005c628d871c5f52b84bb5d1f7e0
- SSDEEP
  
  1536:ebCgj6dJEkgOzOk3+oLGzFjO8n2dtkosu31Mv:RDzPJL2mXQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5