General
-
Target
12112024_1615_Передсудова претензія-Передсудова претензія.7z
-
Size
1009KB
-
Sample
241112-tqc6nazjgl
-
MD5
5e6b6eaf3e1f2b986b20e659c15bcb16
-
SHA1
a93d5d9b3ccfc5daf5f95782ad0a60f247e0c82b
-
SHA256
eaf9bea9495fcb9a33dd65b212028a04b10b68116903e4d445c5a28b06f8a436
-
SHA512
6652027a9c0bfc1a0383fb7bff536fb037add0f92aef73d8c6a4a23e4d4181a36ffaad61513f4fa588bcfe83cbf4874e4aa6baf33803ca696ffa8237fbfab913
-
SSDEEP
24576:7N3LBryZwlr97PRdZubid8lBH5qEEnzhX+Lkd:7VG4obQGHUEkzhXnd
Static task
static1
Behavioral task
behavioral1
Sample
Передсудова претензія/Передсудова претензія.pdf.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
Передсудова претензія/Передсудова претензія.pdf.exe
-
Size
1.0MB
-
MD5
fc877cda1618318751789044fb01a6bd
-
SHA1
15f90c8f5c543964a33d62d6e68f62a6d2712262
-
SHA256
ec059d014e9208dceded5ce614ea4f95e26c1ed45ad81ce5de348e5df7647197
-
SHA512
b96c3148e98b089ce25b1a2987df24f87bd0e7cd312ee9dc270ce3d6dacc48276213f313c162dc721440410c2ca1a265fd54eea546095a2cafbe2a34cac912d4
-
SSDEEP
24576:ruPaNmFtZU7DPNqRLhVVOgHD/raiDhFDsoUCcjL:NQzUvPNakGbD/soUdjL
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1