Overview

overview

7

Static

static

1

ff8622cb-1...6b.png

windows7-x64

3

ff8622cb-1...6b.png

windows10-1703-x64

3

ff8622cb-1...6b.png

windows10-2004-x64

7

ff8622cb-1...6b.png

windows11-21h2-x64

3

ff8622cb-1...6b.png

android-10-x64

ff8622cb-1...6b.png

android-11-x64

ff8622cb-1...6b.png

android-13-x64

ff8622cb-1...6b.png

android-9-x86

ff8622cb-1...6b.png

macos-10.15-amd64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff8622cb-1a90-4803-b6ad-a0df680db36b.png

  • Size

    93KB

  • Sample

    240426-f3c5jaad35

  • MD5

    4931631716d779d369d04e14fd9d3af4

  • SHA1

    154be452c16e47a35a4f10ec6883d00621328cfd

  • SHA256

    14c4da526aa0f4dda5f38f95752cf355b329ecf052d2e0cf2b5f5ce39760f436

  • SHA512

    3cc25050f0445a83a94502d70c749621be596574ae1ea28cddd60f8b41b27e99c4d55fe0471ee281e611e696b9a57c9d7b2490a14d11784bd4b54279f45a115a

  • SSDEEP

    1536:vNv7OFwv4nZdGnP7ylyEC5Copn4sJ8I7HoYhHO3vAsfn/2+sUx9htW4W6V9gDBmh:vdJS/m7NNfd8IM0H8n/2B0UyKAcFcr5

Score
7/10
androiddiscoveryevasionlinkmacospdf

Malware Config

Targets

    • Target

      ff8622cb-1a90-4803-b6ad-a0df680db36b.png

    • Size

      93KB

    • MD5

      4931631716d779d369d04e14fd9d3af4

    • SHA1

      154be452c16e47a35a4f10ec6883d00621328cfd

    • SHA256

      14c4da526aa0f4dda5f38f95752cf355b329ecf052d2e0cf2b5f5ce39760f436

    • SHA512

      3cc25050f0445a83a94502d70c749621be596574ae1ea28cddd60f8b41b27e99c4d55fe0471ee281e611e696b9a57c9d7b2490a14d11784bd4b54279f45a115a

    • SSDEEP

      1536:vNv7OFwv4nZdGnP7ylyEC5Copn4sJ8I7HoYhHO3vAsfn/2+sUx9htW4W6V9gDBmh:vdJS/m7NNfd8IM0H8n/2B0UyKAcFcr5

    Score
    7/10
    discoverylinkpdfevasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2behavioral3behavioral4behavioral5behavioral6behavioral7behavioral8behavioral9

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

1
T1564

Resource Forking

1
T1564.009

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks