fbc4c80bed684e0f027c46cba49e933b99df69bbfc62b7ee3b001821543623b7 | Triage

Sharing

General

Target

fbc4c80bed684e0f027c46cba49e933b99df69bbfc62b7ee3b001821543623b7
Size

868KB
Sample

221206-3p9ynseg96
MD5

d419bae96cbc8ca22f5dc4462f8a6ca3
SHA1

786b5a894aa05a6d10eee9a42997eea18265d8af
SHA256

fbc4c80bed684e0f027c46cba49e933b99df69bbfc62b7ee3b001821543623b7
SHA512

3e6a4081c8471d0fc50f66cdb16d14c36fd942625af16dce716191d76769db84f426a3ff78f92efdb9ef497dc6bf6e9522d8b1981e83ceac7865b2672dc3b134
SSDEEP

12288:O0anuaIFAQHh+xk283kP5NE0fC/mtuwdEncMvsFw+USLFucawSiB4ivzjIjO:OjNIFbkxT5NE0fXtbEn3ewoGwSinfs

Score

8^/10

Malware Config

Targets

- Target
  
  fbc4c80bed684e0f027c46cba49e933b99df69bbfc62b7ee3b001821543623b7
- Size
  
  868KB
- MD5
  
  d419bae96cbc8ca22f5dc4462f8a6ca3
- SHA1
  
  786b5a894aa05a6d10eee9a42997eea18265d8af
- SHA256
  
  fbc4c80bed684e0f027c46cba49e933b99df69bbfc62b7ee3b001821543623b7
- SHA512
  
  3e6a4081c8471d0fc50f66cdb16d14c36fd942625af16dce716191d76769db84f426a3ff78f92efdb9ef497dc6bf6e9522d8b1981e83ceac7865b2672dc3b134
- SSDEEP
  
  12288:O0anuaIFAQHh+xk283kP5NE0fC/mtuwdEncMvsFw+USLFucawSiB4ivzjIjO:OjNIFbkxT5NE0fXtbEn3ewoGwSinfs
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2