010e0a0e99fec9b024c5d08a220e154938ca975d0aac5a68731c0fc5600eaaf6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52c1493d4b7307ab4ecf1660ef7f049d.bin
Size

34KB
Sample

230922-bval8ade96
MD5

ed710f53253fca7bb0c18c14b8350e9e
SHA1

e21b83987d5ae1b1094e5b957f241216955c56fa
SHA256

010e0a0e99fec9b024c5d08a220e154938ca975d0aac5a68731c0fc5600eaaf6
SHA512

482352817a2cc95f0aafb827075f81c9dd87d33c0bc29af078733481efd1782d85c9e2e4e3cfe2e404abaf04c65a38db1732bae1b0d70ac7514b52366fdccf8d
SSDEEP

768:jpgqQZDvV6AINCQp76l6+b28EYCAhkP0BIwd28R:jSZTVPINnp6bEY5huwIg

Score

8^/10

Malware Config

Targets

- Target
  
  c160b31fcb8ecf9cf6d306d0dafc5ddf0ea16ff502b6125c703712d5169a6270.vbs
- Size
  
  113KB
- MD5
  
  52c1493d4b7307ab4ecf1660ef7f049d
- SHA1
  
  cf4e536fda868cd001f45d4d61a488aebdf94325
- SHA256
  
  c160b31fcb8ecf9cf6d306d0dafc5ddf0ea16ff502b6125c703712d5169a6270
- SHA512
  
  f62a92588faa0690736dc7e3541524ad3cb79b60b0383d9081fee150173e87bd249aaa032c6b0d8f15c65beb001e0c22ea41bf62bf069bb665ba44393e801445
- SSDEEP
  
  1536:iYdHh7wdKWHpaQc9+/+kD/5lkNuLggiHQH:bxh7XqwImYy2gdHQH
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2