a729e76b1a4862076628de357516cf7eca0a6ccb1a2776b44b4c255018f4e57f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CR-FEDEX_TN-775537409198_Doc.zip
Size

28KB
Sample

240422-qlyd9abh38
MD5

57d1b142f8db5615493fd9fb55d24366
SHA1

f50429ba487268779beaa133718344015dfcf6e5
SHA256

a729e76b1a4862076628de357516cf7eca0a6ccb1a2776b44b4c255018f4e57f
SHA512

56c80eaff088d22bb1a0fa0d83270d21a70c812208b77c22d453937fa3e071232708cd905458a7b8acaef5fb681ee3613d3fa4aab566fb2386890f6f85d0d0c4
SSDEEP

768:O5Ix/IHNri3yUBs2s0uvWiW0a7Rexut+qLIIhMWsM:O55yyUBRtu1Gexut+DIhz

Score

8^/10

Malware Config

Targets

- Target
  
  CR-FEDEX_TN-775537409198_Doc.vbs
- Size
  
  58KB
- MD5
  
  7adbafc63cc01ebeae27fd4074430da1
- SHA1
  
  9868805bad5478b2400d637b268f1aebea0b6c67
- SHA256
  
  fb712dfc934fe7630f1e6e2b2bd79be641de26accc34fda08c3f6e269d40c9b4
- SHA512
  
  a5623d714f6b49857bbb19a0c9727e63f4259d234d4226100954bba94eac7f4e0aa5b5510cc94d0629c78ae35ef28c19e8ba46caf490190f28a9136af578ebe0
- SSDEEP
  
  768:82p/fwNaKj7gHrI0i3wPDPM+A0s2hyOX0Q4afFysrmUYAYB8nq7rIF9NISEqQEs2:7ukLI1gPDPTxyk0MfFCNqnASLQE66
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2