52ea9be06a5b9c5aedeedfe236973dd48d1a3b694c58f4e12e1d2f7946cc2f1b | Triage

Sharing

General

Target

22112023_1935_22112023_5170006981.gz
Size

64KB
Sample

231122-np4dkacf8y
MD5

c5fbbeca6a93db30154b7b2423e7239d
SHA1

679317aca79406d0a88c75adde3963b290a8f4c7
SHA256

52ea9be06a5b9c5aedeedfe236973dd48d1a3b694c58f4e12e1d2f7946cc2f1b
SHA512

745d25b74d417cbf5b97e0399c2012e3fb417ab95434ff1c20d0528b8df0a9fa5a2fccdf20d06e3e15fe3917b1ed11e354fbf08405b960b2858fc0bcccd141f5
SSDEEP

1536:ZXuYmbBUw2+Qy+/AhWXL5COXTScdhjWqasgkv4A4f+p1jN:Z+5awYy+/bb5dSshypsgRf+pRN

Score

8^/10

Malware Config

Targets

- Target
  
  5170006981.vbs
- Size
  
  124KB
- MD5
  
  4eb5819a85e373ef8ba7330d671045e5
- SHA1
  
  50db1df29877f7ffbd5a55011f4e15118113ee21
- SHA256
  
  dcc131a97cf6fdc68ac23fa0fef7da91ea0998251522670a94af7580eacc0a00
- SHA512
  
  e919ac440aeac6871bf7d49a2f410905c87b309c01eca9b8b50af8a9e0ac7efcc0b2d31494d0fca3b1ade739af4a6cfe8037b2b5e49a534f66d8430653ee7f13
- SSDEEP
  
  3072:Kvgb9MaQAP2TEEebU7ti0evVePbV4AI/UnKfBd7:ygb9Map2TEEoawVezRIJ5
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2