General

  • Target

    12062024_0111_11062024_14836901-5B4A-4FAA-A975-E03093619B2EURO, S.L. ( 11-06-24)4pdf.rar

  • Size

    230KB

  • Sample

    240612-bj5m8axdkf

  • MD5

    9a1223a76ea044be974afd3ea9686d11

  • SHA1

    eeeded1c770d2a7cb5d3bae8873400eeed89ca7d

  • SHA256

    471619422dae72cd650b9717f43a65aa02d9c8340dee35b3c1e44425f61bcde8

  • SHA512

    c7048ad44fa7338ca98d0ee4c9a24858dc576acdae0044a706cafeb2d3e27701ff4e028afb23c1658dec7fa11074b99ae4bc9d376ff34e148d5b813a7b031161

  • SSDEEP

    6144:W4fOqbhQ8yckZEzjruIAuT+Z9ihc68y7EDf:W6OkhQ8KxuVhwQEDf

Score
7/10

Malware Config

Targets

    • Target

      14836901-5B4A-4FAA-A975-E03093619B2EURO, S.L. ( 11-06-24)4pdf.exe

    • Size

      260KB

    • MD5

      d5867544e7fb701fb71e72cf8caf8df8

    • SHA1

      4d4d42bb8a49013f6804e5c21d35fd8da6d141b2

    • SHA256

      d8d23e874918f7f77e8ac832e69adef1bda5244e403364a6ad5cb18e8ecbcb5e

    • SHA512

      44ab53efcbee2fd11307edb5c7d4a24584bdf99232172cd25917f05fac52036dcdd2eafcfaf4342a33dbd1fcd643126232ef3ed10726003d45bc353907b544de

    • SSDEEP

      6144:eF8PG/65u7vsPKtMLdFKZijQyxnosyxr8J9eYzFpD:/Pq7EwMKZijQyxbewFp

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/BgImage.dll

    • Size

      7KB

    • MD5

      24db082241ace4aca15bdf1e8460c92b

    • SHA1

      d317ef130af6ea6a72a958eee20a58568d38f23d

    • SHA256

      d0607e535ff5573638ee1d70612e2239d5cb3c87307f48cfd57aa1c5cc0d9524

    • SHA512

      ec1dcf17e2e72dbdf06d91250f0698cd50144836a1ee4a3e8a50605e27f8106db595c61a81349a72ce652bc03aee0033fed1700d87d8f2d0e4cd1db9515e7ee2

    • SSDEEP

      96:8eD0AKTIfv7QCUsthvNL85s4lk38Eb3CDfvEh8uLzqkznLiEQjJ3KxkP:tZBfjbUA/85q3wEh8uLmaLpmP

    Score
    1/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      55a26d7800446f1373056064c64c3ce8

    • SHA1

      80256857e9a0a9c8897923b717f3435295a76002

    • SHA256

      904fd5481d72f4e03b01a455f848dedd095d0fb17e33608e0d849f5196fb6ff8

    • SHA512

      04b8ab7a85c26f188c0a06f524488d6f2ac2884bf107c860c82e94ae12c3859f825133d78338fd2b594dfc48f7dc9888ae76fee786c6252a5c77c88755128a5b

    • SSDEEP

      192:MPtkumJX7zBE2kGwfy9S9VkPsFQ1Mx1c:97O2k5q9wA1Mxa

    Score
    3/10

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      b38561661a7164e3bbb04edc3718fe89

    • SHA1

      f13c873c8db121ba21244b1e9a457204360d543f

    • SHA256

      c2c88e4a32c734b0cb4ae507c1a9a1b417a2375079111fb1b35fab23aedd41d9

    • SHA512

      fedcaac20722de3519382011ccf22314af3edcd11b69f814db14710966853b69b9b5fc98383edcdb64d050ff825264eaba27b1c5adfe61d1fc9d77f13a052ced

    • SSDEEP

      96:f7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNPS3e:zXhHR0aTQN4gRHdMqJVgNPR

    Score
    3/10
