General
-
Target
Corel Contract.pdf.exe
-
Size
31.9MB
-
Sample
240509-gtl7hsge76
-
MD5
fa0a845244e29f452ba64d1955402b70
-
SHA1
4290a01fc6059372f47c36580699f61f258e0135
-
SHA256
f5f4b491da95138521f2753f9d673b494ea17014ef4784d48a106a43be622115
-
SHA512
3e5c171c9f30387444b44b1092220443e1c1c13c0a7480549f7949c48c14f8878bd7f34d6c1ae43c7b12f32d666b006f8ba3d294cc10ac9c0145910c25dd0228
-
SSDEEP
393216:UVUdMsKOwv6aVsoHIwC1cBC8GGwIitdeWFgUHiMrwPVu/jKFdu9CwJsv6tzgmu:KQMsKqaVLBC1cKGwIitdeOgUHiMF/Wb
Behavioral task
behavioral1
Sample
Corel Contract.pdf.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Corel Contract.pdf.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
Corel Contract.pdf.exe
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-