30a8c6561a2532715fd397a2522d9c5f07645412d6768c99325be183059b57cc | Triage

Sharing

General

Target

30a8c6561a2532715fd397a2522d9c5f07645412d6768c99325be183059b57cc
Size

12KB
Sample

240424-rychzsbf37
MD5

1b59285a477fe4b5e68f12d1bc1c616d
SHA1

10c30c963d87cb973edf66ec53c60785ca217b7d
SHA256

30a8c6561a2532715fd397a2522d9c5f07645412d6768c99325be183059b57cc
SHA512

c057c09b5548b75806aac743c0680095a0b6898dd60f54cc861603b64af43d43f8bad37d7cffd1c3297611bc2f080fb260854bb0e4f031bc3f289619812aeb8c
SSDEEP

384:kL7li/2zADq2DcEQvdhcJKLTp/NK9xa2E:y87M/Q9c2E

Score

7^/10

Malware Config

Targets

- Target
  
  30a8c6561a2532715fd397a2522d9c5f07645412d6768c99325be183059b57cc
- Size
  
  12KB
- MD5
  
  1b59285a477fe4b5e68f12d1bc1c616d
- SHA1
  
  10c30c963d87cb973edf66ec53c60785ca217b7d
- SHA256
  
  30a8c6561a2532715fd397a2522d9c5f07645412d6768c99325be183059b57cc
- SHA512
  
  c057c09b5548b75806aac743c0680095a0b6898dd60f54cc861603b64af43d43f8bad37d7cffd1c3297611bc2f080fb260854bb0e4f031bc3f289619812aeb8c
- SSDEEP
  
  384:kL7li/2zADq2DcEQvdhcJKLTp/NK9xa2E:y87M/Q9c2E
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2