2b6e9550fc7ff487a373010936375d9c21147d91eb8bbe120d8e9c30e20d936b | Triage

Sharing

General

Target

2b6e9550fc7ff487a373010936375d9c21147d91eb8bbe120d8e9c30e20d936b
Size

12KB
Sample

240311-ywq2xsfa68
MD5

0839abe90f40c7d5b5894494df0b2bad
SHA1

74d620cd9190d865c7fb5c39dd69ac2cfcb32e52
SHA256

2b6e9550fc7ff487a373010936375d9c21147d91eb8bbe120d8e9c30e20d936b
SHA512

6ff671ba807057b6a140aea48f8007313cbca05128376f274846525091abae8bb2b4b3339e8b9b50880ea29d11c5a7cfba4e6dc3844fcb10bccb4e80c59c7202
SSDEEP

384:pL7li/2z0q2DcEQvdQcJKLTp/NK9xabd:Z4MCQ9cbd

Score

7^/10

Malware Config

Targets

- Target
  
  2b6e9550fc7ff487a373010936375d9c21147d91eb8bbe120d8e9c30e20d936b
- Size
  
  12KB
- MD5
  
  0839abe90f40c7d5b5894494df0b2bad
- SHA1
  
  74d620cd9190d865c7fb5c39dd69ac2cfcb32e52
- SHA256
  
  2b6e9550fc7ff487a373010936375d9c21147d91eb8bbe120d8e9c30e20d936b
- SHA512
  
  6ff671ba807057b6a140aea48f8007313cbca05128376f274846525091abae8bb2b4b3339e8b9b50880ea29d11c5a7cfba4e6dc3844fcb10bccb4e80c59c7202
- SSDEEP
  
  384:pL7li/2z0q2DcEQvdQcJKLTp/NK9xabd:Z4MCQ9cbd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2