9f732f21cd6bea13a4dbabbf90aa687cafd5b4b530ec27066152479e37f4cec8 | Triage

Sharing

General

Target

document_Y265_Nov#22.iso
Size

1.2MB
Sample

221123-hbmk1adg32
MD5

d782ce153ee4ff3e2e923e59490f30d6
SHA1

1d91a7c75acd202ecf89bd001660885b99c37b98
SHA256

9f732f21cd6bea13a4dbabbf90aa687cafd5b4b530ec27066152479e37f4cec8
SHA512

eb3796e5030727b1859cd4bf949d45aa24cc6c2516a50ae1dc21e65c72bfaf7af77760d2fdaf0d7bf18766df88885c31e66b7987be1f085dc83f501c7ea9088b
SSDEEP

24576:vtE8Z3shoA9qB8DvUAZkl9iIDIQIFaOGYnknF6:e8vmqB8DUAZklKxnknF6

Score

7^/10

Malware Config

Targets

- Target
  
  document.vbs
- Size
  
  9KB
- MD5
  
  f433d8822f70bc508a0283099a8909f2
- SHA1
  
  5c32b5347f100127a7888a367a5f0e808125d841
- SHA256
  
  98667994f4d83f11bc5bba249a5d046314541621a0fa6da9d18117ec1e20e090
- SHA512
  
  80c2bb7382b30ba2f13635d09c9c06557ceea13cf55b40221aaeb191317e6ed020b4f1459152d74952d2e5f00f9c9c791e8c5dad2882e420a05646fc62f8c112
- SSDEEP
  
  192:ReSjpUorcl/E4hp3aD/OCMhiEe1mUS1G0vdzgW20fkbsgTbpQt:c4pnrcpE4hpPCMhidmnGm80jWb4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  overhauled/honorary.temp
- Size
  
  1.1MB
- MD5
  
  27eeb5dcd9a3a0595abfb91e9bb3b5ba
- SHA1
  
  7d83ca3c84666f6cdfd80e2c381f2705d23f0092
- SHA256
  
  35112867ca795712c7a894f142356e6719a31109a5cb8d62100923abfdd7e2ee
- SHA512
  
  7050510510a2c1fc3c8644e8ee10ea5000e66a9497d4a075504bdce147d6d021dde49c8d7649485357143914644053e39eb48554430480ad69e8d3b607d979d4
- SSDEEP
  
  24576:g8Z3shoA9qB8DvUAZkl9iIDIQIFaOGYnknF6:g8vmqB8DUAZklKxnknF6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4