081f8455e7ffb1b33a872f53f51deefc80662c72aa0912bf9c0b271b3497c3fd | Triage

Resubmissions

04/10/2023, 12:53

231004-p42nysdg55 8

04/10/2023, 12:50

231004-p28z9adg37 8

Sharing

General

Target

informacje_dla_odbiorcy.zip
Size

53KB
Sample

231004-p28z9adg37
MD5

bb6b574e259e83d2a35beeca9f7266df
SHA1

5b2f2739a663ddb0c3c553d19298f798cd5c1cfa
SHA256

081f8455e7ffb1b33a872f53f51deefc80662c72aa0912bf9c0b271b3497c3fd
SHA512

287f0979f5d19d5ac75f4bdffc63c3f85c687240064928034418bc8eed1856e1ab7c061b71184a23a4d973c79867784a8e1d9155f473a0b9374abf39a89a1e2a
SSDEEP

768:J9H4bR0/iyMFhgTIsPHQqc1Qsx0uoa6iSSkaXRKziuvCPIznCQSM3lh7HtZYZecS:J9YbR0ss/BciQPVSbiEKAzCRM3zgZecS

Score

8^/10

Malware Config

Targets

- Target
  
  informacje_dla_odbiorcy.vbs
- Size
  
  160KB
- MD5
  
  5f548f6cfd7551c882de8466dd1f8261
- SHA1
  
  b335e9e503312c8edf4d1efed14390a1427d99a7
- SHA256
  
  50805c300b2834a5fbbefecdee105de56eed13b0a55143c638b464f9f10a50e4
- SHA512
  
  7a7fac37a5ec9a89675af5e11083b8bf8b886983d86163bdaa471308fa1ff96d2be616e4e91b6a1b392b177612f5534731baa1e71ebe77ab6a5390280b25c60a
- SSDEEP
  
  1536:gK6ApJ9REE81riVeTitMiex/IVhhtQsbYQx6vmMjGkOIFBp+porm:sA3QL7xLXm
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2