be9f9de0f35b47502558668a9d9ac969f460e6edb831864d823bfa189dc27424 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RADICADO_SEGUNDO AVISO 4111889-22-005-2024-0333745-33 Orden Tribunal Superor de la Judicatura Mayo 14 de 2023 Juez Camilo Mercado Ordena Adobe Acrobat Reader (1).rar
Size

1.7MB
Sample

240522-vpyawaab2x
MD5

fffee07c26262dabf302341ed094fa2f
SHA1

4ee2081c00eedb9389a7127e2d1a5f7080a05d10
SHA256

be9f9de0f35b47502558668a9d9ac969f460e6edb831864d823bfa189dc27424
SHA512

4987ea2e795f73833c7c83d33e22246becd411b05b9693996afb06232eba14528b25677d366f9823d8babd04ab27c97535e548d6011d327c43674639069e95e1
SSDEEP

24576:RiDTLB4MGPAv+TgFe/IaJO8aQ+1h9PsdUt5ZPmnwdQMEqo7HDzkcXSkzbe:miPAx8wZnPzt5u1MEqyHDzkg5zq

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  RADICADO_SEGUNDO AVISO 4111889-22-005-2024-0333745-33 Orden Tribunal Superor de la Judicatura Mayo 14 de 2023 Juez Camilo Mercado Ordena Adobe Acrobat Reader.exe
- Size
  
  4.4MB
- MD5
  
  07c3feddbbc055797a2885b889bc83ea
- SHA1
  
  3a9658ad01d8a5327791fcabf79c67b7ad9aa609
- SHA256
  
  555b0c29548401ebb21be6cb27cbf6a1c60affc6ba19f68a1aae372fc740ab33
- SHA512
  
  31447ac661d344ec5bbe039fcd34933fa55fbf6c1c710368f0cabe4cd3f9ca04a382478c4954454ecbd72a1b8a2c3afafc6b7f1a9946cac657b8a6079a7a0750
- SSDEEP
  
  24576:IKPaop1I3c1rHrG8h8EOzPwFX3bPf3wO7X+TOREbYCjDmJ4TtRkiIdM/naEtkEiy:Ih
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2