f5d5837f764fb21efb77c5182d0ab74c0ba8f9b1993e4c7ee29aec39a91a9c24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5d5837f764fb21efb77c5182d0ab74c0ba8f9b1993e4c7ee29aec39a91a9c24
Size

12KB
Sample

240511-gwbtkahf4v
MD5

4f8e8ef8e4ad6d438c31fe807b372a0f
SHA1

6b7736ad89b50290777efe7bd6c0d55128c2f3c9
SHA256

f5d5837f764fb21efb77c5182d0ab74c0ba8f9b1993e4c7ee29aec39a91a9c24
SHA512

6b88ded9c0d57b06350d9a1326b45f4523190274ac0be8e00deaba82084bca5e38f1099f1e008ed88b5def46fefe5aaaf2f78b6c6ed37662b4bf9b4386779a1a
SSDEEP

384:6L7li/2ztq2DcEQvdhcJKLTp/NK9xa3V:ktM/Q9c3V

Score

7^/10

Malware Config

Targets

- Target
  
  f5d5837f764fb21efb77c5182d0ab74c0ba8f9b1993e4c7ee29aec39a91a9c24
- Size
  
  12KB
- MD5
  
  4f8e8ef8e4ad6d438c31fe807b372a0f
- SHA1
  
  6b7736ad89b50290777efe7bd6c0d55128c2f3c9
- SHA256
  
  f5d5837f764fb21efb77c5182d0ab74c0ba8f9b1993e4c7ee29aec39a91a9c24
- SHA512
  
  6b88ded9c0d57b06350d9a1326b45f4523190274ac0be8e00deaba82084bca5e38f1099f1e008ed88b5def46fefe5aaaf2f78b6c6ed37662b4bf9b4386779a1a
- SSDEEP
  
  384:6L7li/2ztq2DcEQvdhcJKLTp/NK9xa3V:ktM/Q9c3V
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2