b555d50be8049452fdfcb1a4ec4e8399a1f0db55458428281a3ed3c3c933a4fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b555d50be8049452fdfcb1a4ec4e8399a1f0db55458428281a3ed3c3c933a4fd
Size

12KB
Sample

240505-dy4qksge69
MD5

131836f6c2487318b7115986acb22362
SHA1

bb37da903884a7be724405d7020b02ccf241cdbc
SHA256

b555d50be8049452fdfcb1a4ec4e8399a1f0db55458428281a3ed3c3c933a4fd
SHA512

dbb89dda1b9d34d454206fb49ef3f425fa49ee9c6eb35d3622aaa6684967466e94015b40de8b0cae79e062c5d33639976f4d3243fa8aa73738194c192e8c66d0
SSDEEP

384:SL7li/2zEq2DcEQvdhcJKLTp/NK9xaBF:MoM/Q9cBF

Score

7^/10

Malware Config

Targets

- Target
  
  b555d50be8049452fdfcb1a4ec4e8399a1f0db55458428281a3ed3c3c933a4fd
- Size
  
  12KB
- MD5
  
  131836f6c2487318b7115986acb22362
- SHA1
  
  bb37da903884a7be724405d7020b02ccf241cdbc
- SHA256
  
  b555d50be8049452fdfcb1a4ec4e8399a1f0db55458428281a3ed3c3c933a4fd
- SHA512
  
  dbb89dda1b9d34d454206fb49ef3f425fa49ee9c6eb35d3622aaa6684967466e94015b40de8b0cae79e062c5d33639976f4d3243fa8aa73738194c192e8c66d0
- SSDEEP
  
  384:SL7li/2zEq2DcEQvdhcJKLTp/NK9xaBF:MoM/Q9cBF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2