General
-
Target
Rechnung0192839182.pdf
-
Size
88KB
-
Sample
241010-gp7mnayhlf
-
MD5
b42da2c97afc62d51147fb36e96a648e
-
SHA1
ad631d0c4bef6b941bd61ff2860629e654a6c394
-
SHA256
bfd58f9f8557a8f8e8ddf4fad14a8588d1a529647c5aa170c0ed1bcf065fc287
-
SHA512
228db4bb8a54a80a19ac47744acb2bc70125bf73f5974b6cf45644544a1af1864a79a0648676904fd859956892c538e8d65d008cca3a8d9c58d6faa0a760a3fb
-
SSDEEP
1536:oFdBt4uc0o9uqdh+XICvr/HZ9QDUIWEtZgowq8sAsz+2Vb:cfnokwoIar/Htc+sAsz/b
Behavioral task
behavioral1
Sample
Rechnung0192839182.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Rechnung0192839182.pdf
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
Rechnung0192839182.pdf
Score
10/10
-
Detects HijackLoader (aka IDAT Loader)
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-