8d7829fdf9e3e6eab5e05474f6be67cde0e50c03b0065680cea769c0405c50fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Invoice 23257538_PDF.wsf
Size

27KB
Sample

240125-z8ep4ageej
MD5

94755fdc14fee979c9b2c57ea31c6bb1
SHA1

91e7a0e8dd4486b70332caf97ceb6ee2d9b2f089
SHA256

8d7829fdf9e3e6eab5e05474f6be67cde0e50c03b0065680cea769c0405c50fe
SHA512

7ee077c13282b26a17480511239fd75c7ae7a46c4822ce7e7f25dbc413c7f70f06b728055bb2cfe0681c9dc2eee36fa760116a9c491f2f2eed84012fd94d192e
SSDEEP

384:0DCVaSWBDm88usJkVMPFIlYsBjaJf/cZtabuIEf2fFOK8qyBuL0iOlABRcpfcdQl:0eVaSW3hsJkVMPWfwR/clKcg0iBBsBgW

Score

7^/10

Malware Config

Targets

- Target
  
  Invoice 23257538_PDF.wsf
- Size
  
  27KB
- MD5
  
  94755fdc14fee979c9b2c57ea31c6bb1
- SHA1
  
  91e7a0e8dd4486b70332caf97ceb6ee2d9b2f089
- SHA256
  
  8d7829fdf9e3e6eab5e05474f6be67cde0e50c03b0065680cea769c0405c50fe
- SHA512
  
  7ee077c13282b26a17480511239fd75c7ae7a46c4822ce7e7f25dbc413c7f70f06b728055bb2cfe0681c9dc2eee36fa760116a9c491f2f2eed84012fd94d192e
- SSDEEP
  
  384:0DCVaSWBDm88usJkVMPFIlYsBjaJf/cZtabuIEf2fFOK8qyBuL0iOlABRcpfcdQl:0eVaSW3hsJkVMPWfwR/clKcg0iBBsBgW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2