cc48d8c645c27dd850652c0a66e22dd2e1b62bbf6ad208f94b8f5847684a8d17

Sharing

Copy URL

Twitter E-mail

General

Target

analisis.pdf
Size

212KB
Sample

240521-rq5vkaha43
MD5

f28baa94ff32d8a4b006004b3c9c4261
SHA1

54677341b7e233d8c0b6dcd38dc5e9d1a58511ef
SHA256

cc48d8c645c27dd850652c0a66e22dd2e1b62bbf6ad208f94b8f5847684a8d17
SHA512

853dc19d16e4387210e63b3de74c044db802e429bf12d082e00b66f127bb64e742cad32e2b1f23661a11cb47341d7b34e249533b2fb15a3815ed81b677f64989
SSDEEP

3072:cyu1+HubW8lW1Sn6WEQKLy0jSaMWyAKCxxDghhiR9j4BIIADNI63Cv3UOLn5ZVv1:cyu1PdWEHEQlWyA/7am9kBAJIECvv5bd

Score

7^/10

Malware Config

Targets

- Target
  
  analisis.pdf
- Size
  
  212KB
- MD5
  
  f28baa94ff32d8a4b006004b3c9c4261
- SHA1
  
  54677341b7e233d8c0b6dcd38dc5e9d1a58511ef
- SHA256
  
  cc48d8c645c27dd850652c0a66e22dd2e1b62bbf6ad208f94b8f5847684a8d17
- SHA512
  
  853dc19d16e4387210e63b3de74c044db802e429bf12d082e00b66f127bb64e742cad32e2b1f23661a11cb47341d7b34e249533b2fb15a3815ed81b677f64989
- SSDEEP
  
  3072:cyu1+HubW8lW1Sn6WEQKLy0jSaMWyAKCxxDghhiR9j4BIIADNI63Cv3UOLn5ZVv1:cyu1PdWEHEQlWyA/7am9kBAJIECvv5bd
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  informe_payload.pdf
- Size
  
  32KB
- MD5
  
  8606faa60b008da0ce43437dc81be1e2
- SHA1
  
  13444f825362a6a946b3a91b13784d78fe3fc422
- SHA256
  
  4de3dde86d66424d79fcb561ace579d6b22919f52505aa177bd161bcf4157c4f
- SHA512
  
  e23e310399baf03034b51f1be445ea01a6ef2ec4f82da43af6c4639dc28834d49119ddb83f40019ff6c9b45124da637d579ef5289620a13a7078284c7fead33b
- SSDEEP
  
  384:3ZzPGPxHwgaWu7/+ulyEMZBSbtR+aHD7N9wUjOreoKxDIqPODwPMShkm/cbFk1GJ:3FqiDZZgzw0qBPbhbO9Ysax58svre
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral5 behavioral6 behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Adds Run key to start application

Checks computer location settings

Executes dropped EXE

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8