Overview

overview

7

Static

static

4

CV_zheregelya.pdf

windows7-x64

1

CV_zheregelya.pdf

windows10-2004-x64

1

CV_zheregelya.pdf.lnk

windows7-x64

3

CV_zheregelya.pdf.lnk

windows10-2004-x64

7

cv.exe

windows7-x64

1

cv.exe

windows10-2004-x64

1

version.dll

windows7-x64

1

version.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f761d87cea888c09206e10627d8de9da113ed934d0f4f88f9d25384df0afd015

  • Size

    927KB

  • Sample

    240709-n3mb7ssgmq

  • MD5

    95ac830b6f0a905d17cadb4e2875b14c

  • SHA1

    c6da79a12c296192dda3f14174bae0b8c9fc4fc1

  • SHA256

    f761d87cea888c09206e10627d8de9da113ed934d0f4f88f9d25384df0afd015

  • SHA512

    c83a6d43fbfa0f6814c4c07b47d4945bf150b6b744b4bfca0c205164db29daf756f5790c9e11549c5eea0392aecc124961a490c67ca6c8ecc5a04ee9f3d5c5bc

  • SSDEEP

    24576:RswSsS+1E1G97oB96AKWAQXCsYN7pYYMM6xq:RzSaE167oB96AKLl7p9MMiq

Score
7/10
executionlinkpdf

Malware Config

Targets

    • Target

      CV_zheregelya.pdf

    • Size

      84KB

    • MD5

      f6b83cce436b395dd88247e02f0486b3

    • SHA1

      4aca0afa9f5690834929ff7d2cf88d2c9104d90e

    • SHA256

      70326b666d8af10edf5511458fa68d50c019b2d9b7e78307a213699c6f56ae59

    • SHA512

      6ad68b15141a3d7dc9cbcb7b31bd3cae8c576ebe636b5a2695559916c304b3c6192d78e714868eead863e3af71ed5322908f7c3f7ee10bcc8cf76202778ed142

    • SSDEEP

      1536:x+pvVo2dsm2q+7EcSXzX/KWOkNRdvMk++Y2VdRRw:x+pt/dT2q+Yr/KWDDU2w

    Score
    1/10
    behavioral1behavioral2

    • Target

      CV_zheregelya.pdf.lnk

    • Size

      1KB

    • MD5

      0a533419e2601004585b16d46d3d212f

    • SHA1

      b247eb947591cbd5569b64b6dcbbe32bc0d1f859

    • SHA256

      232a0ab1ffe72a5e12aa881c2b2b5e04af662dd84d594f9ad0e3c26f1abe0337

    • SHA512

      6b28c70f357cbd357cb81a12eccb66e2c54ff5e4f9f6026e9457f8361ef208e256f8fa784ebdb7167f21b20602510b87bed1c67449c179676fc869a20a6e67bc

    Score
    7/10
    execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral3behavioral4

    • Target

      cv.exe

    • Size

      544KB

    • MD5

      17954e24dc5a85c3d107b46e1250cc12

    • SHA1

      3c40842922857c46586a394e536aa503a94a4257

    • SHA256

      729f127be9398f24063555026eb9979bc3c49554caf0ac221aafbd87faf74037

    • SHA512

      9d3aa9143d7f9519ed2a3b148a4c92f89c54c50f5a3025d53768a56fdafd094bee6228f05991568f9e07a72e65245cb6b5efbdff6a38eb144218f7714fe28617

    • SSDEEP

      12288:HnDmDhpuQj91cbYeChYgG10tJQuvtcRbnu7O:HnDmZ9BeChYgG10tJQkwbnKO

    Score
    1/10
    behavioral5behavioral6

    • Target

      version.dll

    • Size

      1000KB

    • MD5

      f752dbed5db9df8cd60432645c9f3df8

    • SHA1

      accf775537968ade9ff305fc684230bfd68cfc1f

    • SHA256

      95d79e01809bc912217a12dc204d3e033b5ef60b56c96b9b3e25cd7aab5d2064

    • SHA512

      2e38c0b321e60fc907cd81fb547db62f7e2929b4ba22e93836a43006daa3b671be4410981359e4b84265512b5a0ece359da72525bb961d2a2c7ed6210b023587

    • SSDEEP

      24576:BmE/tBwMsfAKazhRNz6O5y4/LH+MC0Wt/BUB:BmQ/n5R0d4zeNK

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

PowerShell

1
T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks