9f732f21cd6bea13a4dbabbf90aa687cafd5b4b530ec27066152479e37f4cec8 | Triage

Sharing

General

Target

document_Y265_Nov#22.iso
Size

1.2MB
Sample

221123-hbmk1adg32
MD5

d782ce153ee4ff3e2e923e59490f30d6
SHA1

1d91a7c75acd202ecf89bd001660885b99c37b98
SHA256

9f732f21cd6bea13a4dbabbf90aa687cafd5b4b530ec27066152479e37f4cec8
SHA512

eb3796e5030727b1859cd4bf949d45aa24cc6c2516a50ae1dc21e65c72bfaf7af77760d2fdaf0d7bf18766df88885c31e66b7987be1f085dc83f501c7ea9088b
SSDEEP

24576:vtE8Z3shoA9qB8DvUAZkl9iIDIQIFaOGYnknF6:e8vmqB8DUAZklKxnknF6

Score

7^/10

Malware Config

Targets

- Target
  
  document.vbs
- Size
  
  9KB
- MD5
  
  f433d8822f70bc508a0283099a8909f2
- SHA1
  
  5c32b5347f100127a7888a367a5f0e808125d841
- SHA256
  
  98667994f4d83f11bc5bba249a5d046314541621a0fa6da9d18117ec1e20e090
- SHA512
  
  80c2bb7382b30ba2f13635d09c9c06557ceea13cf55b40221aaeb191317e6ed020b4f1459152d74952d2e5f00f9c9c791e8c5dad2882e420a05646fc62f8c112
- SSDEEP
  
  192:ReSjpUorcl/E4hp3aD/OCMhiEe1mUS1G0vdzgW20fkbsgTbpQt:c4pnrcpE4hpPCMhidmnGm80jWb4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  overhauled/honorary.temp
- Size
  
  1.1MB
- MD5
  
  27eeb5dcd9a3a0595abfb91e9bb3b5ba
- SHA1
  
  7d83ca3c84666f6cdfd80e2c381f2705d23f0092
- SHA256
  
  35112867ca795712c7a894f142356e6719a31109a5cb8d62100923abfdd7e2ee
- SHA512
  
  7050510510a2c1fc3c8644e8ee10ea5000e66a9497d4a075504bdce147d6d021dde49c8d7649485357143914644053e39eb48554430480ad69e8d3b607d979d4
- SSDEEP
  
  24576:g8Z3shoA9qB8DvUAZkl9iIDIQIFaOGYnknF6:g8vmqB8DUAZklKxnknF6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4