2b383c571f83604fa5324e5c288ebafbf349eb79e6466c32c1c8458d60be017d | Triage

Sharing

General

Target

24112023_1452_Document_protected258.img
Size

660KB
Sample

231124-hm9vnsgc83
MD5

311690e99eb6130f1eb4b436839c583f
SHA1

7432a36e0f2d21811141802ae278de8e7e6da2ae
SHA256

2b383c571f83604fa5324e5c288ebafbf349eb79e6466c32c1c8458d60be017d
SHA512

6fb1efd844be80f44ebf0f9224c4f1b47e16c9933e217485bb7a411ee57804da03c67fb318e3a5cf7bbc0c01be80aaae3abf60ea259d04cfcae48b5aeeba7ebf
SSDEEP

3072:rXrmpOUNRVt5NRjd4uh+xHCWF+h885kfu4Llng9N:WO+b572m0iQ+h8bu4Lk

Score

8^/10

Malware Config

Targets

- Target
  
  D0C873643.IMG.VBS
- Size
  
  122KB
- MD5
  
  aef3eb515804159a6a6d75c60b689cc3
- SHA1
  
  25e3a4db17f363ded740b4b9aeb6ffc509cbed2d
- SHA256
  
  738b04c563f7c3dcb4f3bcb6d06445d1f2b6698173ab7caa4d1cb7804d7a67e4
- SHA512
  
  c35889068742310b580d61f58efcb3b034b02df4cfdf31fcc7915b53d65aed7f558e5099562a0823ae3083b0954ffc7d654f3c777f7037f222caab6405d8226c
- SSDEEP
  
  3072:UrmpOUNRVt5NRjd4uh+xHCWF+h885kfu4Llng9NA:BO+b572m0iQ+h8bu4Lku
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2