a53fca459108e05b600b41a879f72b6ae45050086d8eb2ab4b2e670991b9b287 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a53fca459108e05b600b41a879f72b6ae45050086d8eb2ab4b2e670991b9b287.zip
Size

206KB
Sample

240417-cfv52sag42
MD5

fd0cdb4e488cdd3d242c26767cea5164
SHA1

d365101a2a9c714b5bdb6b8e5a3c761414431c6f
SHA256

a53fca459108e05b600b41a879f72b6ae45050086d8eb2ab4b2e670991b9b287
SHA512

7e697d889e45ed46d2723ab7983553ba11244f19b62e2d302e478117d625ae7ab0c726c90a88d77d2e62946c0a55687835dbb5069816fe9fddcc899ba16660ed
SSDEEP

3072:MhZHmr72fbvSCVzMRJvBFNCna/Ofe3ML5T3LC2Da4MITHoEDJ0F6jueVP5/roFoC:MhfDgnFNCna/UeS9hHoYJRuQZEl

Score

8^/10

Malware Config

Targets

- Target
  
  awb_shipping_label_invoice_15_04_2024_000000000000024.vbs
- Size
  
  403KB
- MD5
  
  6d469931b2f7f0547b5b29b1f13757f1
- SHA1
  
  a396528b953b6b573828ce621b4a1309f35853f5
- SHA256
  
  3e7a73967dc5a281769f045c83e205afad5afc15698606f746e820afb0567230
- SHA512
  
  173a628814963db217242f88d2e4cc0fc7f9966634bf2addf5340ca4d4a299796b39b970590796805b701ef6252e6e294645b6c5e6396234f393eaa47d3471a4
- SSDEEP
  
  6144:ltrc0iH9QXg0Id+WULFvWtBVkmutWJxKE2l88FD3NG8BXMVi:lFidQ0y+znKJ
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2