330d36e248881a0a24a7d0612f3ac9a5a24cc960b36c2fe9ba0d63941b12fc18 | Triage

Sharing

General

Target

Документи.pdf.lnk
Size

1KB
Sample

241121-lvgewa1grj
MD5

cffb40e13e3aa6761330090b42314c36
SHA1

eb73790a82578588c0080175f8ac215025e57389
SHA256

330d36e248881a0a24a7d0612f3ac9a5a24cc960b36c2fe9ba0d63941b12fc18
SHA512

a5afb280e5cb16044e6ee77e3e4c696e45e065520e09d62fbc62d2b6e9938fa738a728bf7fe8815ca35a5fbe5b180574bda33ba380b8b5e6402f14aff7dd9913

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Документи.pdf.lnk
- Size
  
  1KB
- MD5
  
  cffb40e13e3aa6761330090b42314c36
- SHA1
  
  eb73790a82578588c0080175f8ac215025e57389
- SHA256
  
  330d36e248881a0a24a7d0612f3ac9a5a24cc960b36c2fe9ba0d63941b12fc18
- SHA512
  
  a5afb280e5cb16044e6ee77e3e4c696e45e065520e09d62fbc62d2b6e9938fa738a728bf7fe8815ca35a5fbe5b180574bda33ba380b8b5e6402f14aff7dd9913
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2