fd0b02703d5e977c8231a392c40f5db08bb1e582b7ba525ecd6981951c8b0592 | Triage

Sharing

General

Target

DHL-CUSTOMS-REQUEST-802487487001.vbs
Size

1.5MB
Sample

230307-zjqq3abh92
MD5

973d03baf56649b8b0fb97a3b495c034
SHA1

f95476568351850cf7e0535af95f02a612613417
SHA256

fd0b02703d5e977c8231a392c40f5db08bb1e582b7ba525ecd6981951c8b0592
SHA512

6968b8793c47b692cc37eb280a7153267eb4e62acf00931b5e36acc958258f8dc414d61a4612dbf634d965555e460ddd06923c6fcaf9d3aa1220ef289c1874ee
SSDEEP

24576:Th72fI1WQNwD8PvxgwRtX7oDOOwD6fLSG0fDm1J8S2Wa2F8ANPsTFLH5:FayZ33kj+G0aY5SN41

Score

7^/10

Malware Config

Targets

- Target
  
  DHL-CUSTOMS-REQUEST-802487487001.vbs
- Size
  
  1.5MB
- MD5
  
  973d03baf56649b8b0fb97a3b495c034
- SHA1
  
  f95476568351850cf7e0535af95f02a612613417
- SHA256
  
  fd0b02703d5e977c8231a392c40f5db08bb1e582b7ba525ecd6981951c8b0592
- SHA512
  
  6968b8793c47b692cc37eb280a7153267eb4e62acf00931b5e36acc958258f8dc414d61a4612dbf634d965555e460ddd06923c6fcaf9d3aa1220ef289c1874ee
- SSDEEP
  
  24576:Th72fI1WQNwD8PvxgwRtX7oDOOwD6fLSG0fDm1J8S2Wa2F8ANPsTFLH5:FayZ33kj+G0aY5SN41
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2