06b268a90ab8b5fe790bed255e0e84ea5cb898e0eb3325483ea6660297a4490c | Triage

Sharing

General

Target

client.zip
Size

47KB
Sample

231009-rmaj9adc8z
MD5

79664892b34db0b5faef6104ae02d21e
SHA1

f70f91271fb4bbe5827006f01a3aa074a0bfd51b
SHA256

06b268a90ab8b5fe790bed255e0e84ea5cb898e0eb3325483ea6660297a4490c
SHA512

baf2495959f47b4a73b3b40226ee6d9c4fce51eb765951d6cb8c40fde004d88663e62aa287972abd7c47b795e3735dfc96e69e6e923b4dd0d09be9d927d317e1
SSDEEP

768:YY/bxOBQ7BvOgU3BM1V8arwPrxnFxjdmGATB+1vovWTigQySw8c/n4tzvPoDZmPR:Y2dSivOgURMAbrxHoGA9wv0WR/r8c/nu

Score

7^/10

Malware Config

Targets

- Target
  
  client.vbs
- Size
  
  198KB
- MD5
  
  47d4112762e22ca93e828eca0cbaf929
- SHA1
  
  48eb88f25c777d4f517cc77b797eebb4f8ee5a5b
- SHA256
  
  ca6fe3037264b087f01f842c1ea16f936ea070a8118d9562e401fd70ee93abcc
- SHA512
  
  2df3a7fbd7f59029fb8c1951a1ebf495b255054e3a09f250480c88ee31859209670c9e01ce9fdda76770d4c93a2e1c0557c9540970147b793957ce468dc20c63
- SSDEEP
  
  6144:XvvrDMlOrSPKYDMRD6rVo2K0E0/ltNquuCXLUD2JkKtnTgK5QPaqO2PbNrwpi8hl:fUdXjmkma
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2