d9f51447b4a23f40db828b86343d1ab752f4c3ba3e072d93ebd54b4cc455608a | Triage

Sharing

General

Target

document_X615_Nov#22.iso
Size

1.2MB
Sample

221123-h893kafb37
MD5

eac25c067886e3742cb3683335dcd7b1
SHA1

778aaeb293bfeebe001edbf6c473c348732811bf
SHA256

d9f51447b4a23f40db828b86343d1ab752f4c3ba3e072d93ebd54b4cc455608a
SHA512

fc1c2023b42d71d3ed321366e9d7bb89a77436ea3557f2ff68d07427a98cc140926b368b4948a13081878c17305fefe17d6c989e37db0648dc0b20628a7509f6
SSDEEP

24576:4tk8Z3shoA9qB8DvUAZkl9iIDIQIFaOcYnknF6:P8vmqB8DUAZklKTnknF6

Score

7^/10

Malware Config

Targets

- Target
  
  document.vbs
- Size
  
  9KB
- MD5
  
  2d18b6b6e6f10d17657cf6dad66e8f0d
- SHA1
  
  28a46af66cb32e7ea0a1ed0f62b88054ef3e7dbb
- SHA256
  
  439b5d1bc5e28f08b5e9dfa21c133a8736ed236da208ace9974606075bee1882
- SHA512
  
  9fe42ee2fa1225b1d6524c16d3d249f1424278e76c7b9a3d3486737357f48674511a629ce4e0cbd1eeae90444c0b7e2762d28ab60eb4ef0d7ac3f5226b09e545
- SSDEEP
  
  192:WeSjpUorcl/E4hp3aD/OCMhiEe1mUS1G0vdzgW20fkbsgTbpQt:N4pnrcpE4hpPCMhidmnGm80jWb4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  overhauled/pees.temp
- Size
  
  1.1MB
- MD5
  
  9cb67b1d2443f2459f4940d5fb4eac5a
- SHA1
  
  510288cd5b1cf960a8c9d5825cbc23ad904f92ac
- SHA256
  
  1b0305d2292a342e0a4ffcce7ebeaa349c0f19703fe8d1b19c43e55281b8d60c
- SHA512
  
  edb8e54f53a657b618403f0acd81d8b7bed12383ba4bbad565334f28b2538d32c454b20fd8f69ebc187e7d15f400a0506abce4e0072839a601d4dfa6a936d704
- SSDEEP
  
  24576:g8Z3shoA9qB8DvUAZkl9iIDIQIFaOcYnknF6:g8vmqB8DUAZklKTnknF6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4