600dc96e1ab08056cacac0a94158b609a565bbd1a682be71eea704405949c80f | Triage

Sharing

General

Target

Justificante_10.rar
Size

13KB
Sample

231011-rv4hasfa87
MD5

57c44d7d9bb279a072a09e699e1b099a
SHA1

5ce513d4f441ef281614c5d131f1b8fe55973357
SHA256

600dc96e1ab08056cacac0a94158b609a565bbd1a682be71eea704405949c80f
SHA512

a60d99e4cd7edbb2782574da0d6cf27cd2aeb287c4234d1e7dc500607eee3c2c66b9f726f591ad848a7a5f9601189cd8626d3fca8d2c9979bee20914f58f2c4e
SSDEEP

384:T5vAJwDwrKJFHWwQMdwYxspsXJ7p5zsfO:T5IJwD4QBLDxGq1p9qO

Score

8^/10

Malware Config

Targets

- Target
  
  Justificante.vbs
- Size
  
  23KB
- MD5
  
  c17a702d13da16d40d60d624866e5662
- SHA1
  
  21222a8d1c645ecccc07090558a93cc28844fd80
- SHA256
  
  3366e7cf0549781bef6c2690dd392ad34cfd7c3355e99f3d042256d6df2b4281
- SHA512
  
  ff41f3c65eff02bf8c9c97b3701422f9f48a76c5b3239d905db3a2b6799b9ba95dea2fda4be37403323418e18123370b57ceeddb92adcb474cd06bc508fa2fc9
- SSDEEP
  
  384:tDH9kcbBojN2IDLDpNXI+icmCPYoM5IZJuX7PvZDKZFdjiHf1Q4nBT:tDOcbBQ2IDLscmCPYoMX7PRKo3
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2