b98e912f79ae55ec2632dae6236d273ff980256198380c7040a9df6c8d7b3a5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b98e912f79ae55ec2632dae6236d273ff980256198380c7040a9df6c8d7b3a5c
Size

12KB
Sample

240512-c7hc9scf71
MD5

67e81f88bb14393c53ed7b9054c35ba7
SHA1

a21010018af879adb5af4069d2b2e664fd9c670d
SHA256

b98e912f79ae55ec2632dae6236d273ff980256198380c7040a9df6c8d7b3a5c
SHA512

462a8796cdeb967f9bfd4eb92a637b266708df6654f969197f2332477a2f6d59ed44644c3f1a2217ec3016220e161b13e8e3def6051acc849c10fac1af3f4020
SSDEEP

384:BL7li/2z2q2DcEQvdQcJKLTp/NK9xabr:hmMCQ9cbr

Score

7^/10

Malware Config

Targets

- Target
  
  b98e912f79ae55ec2632dae6236d273ff980256198380c7040a9df6c8d7b3a5c
- Size
  
  12KB
- MD5
  
  67e81f88bb14393c53ed7b9054c35ba7
- SHA1
  
  a21010018af879adb5af4069d2b2e664fd9c670d
- SHA256
  
  b98e912f79ae55ec2632dae6236d273ff980256198380c7040a9df6c8d7b3a5c
- SHA512
  
  462a8796cdeb967f9bfd4eb92a637b266708df6654f969197f2332477a2f6d59ed44644c3f1a2217ec3016220e161b13e8e3def6051acc849c10fac1af3f4020
- SSDEEP
  
  384:BL7li/2z2q2DcEQvdQcJKLTp/NK9xabr:hmMCQ9cbr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2