General
-
Target
Tools-Invoice.pdf (1).zip
-
Size
3.5MB
-
Sample
240309-aef9dsac78
-
MD5
2e96fb658ea4d43fe3dd89cc16339e43
-
SHA1
e31007aa860c9394ecd0a2557e63235cf3454ea1
-
SHA256
ddfd72d4bf18b66dab7f2c25ec3109b9de4cdccb8d7e59695bec8a1d60d3a17e
-
SHA512
2fb188ced1cfcc353a0ac4bbbe134ae4633586db6ad232f306624bf881f1d364e87519b489c50d8d514ffceeed9ecaafc65e478027a0b7e5dd83357020a0f137
-
SSDEEP
49152:WjKhYNuvZEZ3PytGAU1Z5/LBeoyZlX1wH6KzlBxFKfDfOt:WjKhwI0qtv8ALL1jyXHuDfI
Static task
static1
Behavioral task
behavioral1
Sample
Tools-Invoice.pdf (1).exe
Resource
win7-20240221-en
Malware Config
Extracted
jupyter
http://146.70.71.174
Targets
-
-
Target
Tools-Invoice.pdf (1).exe
-
Size
272.0MB
-
MD5
19ec298f977fdc71f195a4782fa8b156
-
SHA1
4a6035ce7510a7cc02bb785244e2cfcaec89131d
-
SHA256
32b42c8c10ce7ec03005931d079fe7bb7f0e5b36bcf57a789081c6f7787e630c
-
SHA512
d8cd8e043c24998d41b06ed0de8a8628389dab04be583094e68f5660ccc666dc260367297d373c800869fe36878aa8730fe35c2eb0b1e6631c0c2fec338b2391
-
SSDEEP
49152:Uj+t6IRUEFX1PVv3Gfbs8HuQq1nvHol6Kz3DfjkJO:Uj+tNtV/AAFBH9yzLt
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Executes dropped EXE
-