406b80f654150141cc0eb7ebe4cff3af178d8ac52a5ef6594bb92cb2e877b94c | Triage

Sharing

General

Target

406b80f654150141cc0eb7ebe4cff3af178d8ac52a5ef6594bb92cb2e877b94c
Size

12KB
Sample

240514-zqwkwsge72
MD5

aa580da9da1f259dec6d73c7207ea2d3
SHA1

a1bc7cb3e92ff308f1bd5d300d60dcdc98f30a25
SHA256

406b80f654150141cc0eb7ebe4cff3af178d8ac52a5ef6594bb92cb2e877b94c
SHA512

7d1790d250666c952000c0da37e4971e8d2ece91d8f79786f30dafe7214631a2c7a9587386139e5b0cdc84fcf44ea9ba3797f81d71696c290527f4842b924fbf
SSDEEP

384:9L7li/2zsTq2DcEQvdhcJKLTp/NK9xa1R:twM/Q9c1R

Score

7^/10

Malware Config

Targets

- Target
  
  406b80f654150141cc0eb7ebe4cff3af178d8ac52a5ef6594bb92cb2e877b94c
- Size
  
  12KB
- MD5
  
  aa580da9da1f259dec6d73c7207ea2d3
- SHA1
  
  a1bc7cb3e92ff308f1bd5d300d60dcdc98f30a25
- SHA256
  
  406b80f654150141cc0eb7ebe4cff3af178d8ac52a5ef6594bb92cb2e877b94c
- SHA512
  
  7d1790d250666c952000c0da37e4971e8d2ece91d8f79786f30dafe7214631a2c7a9587386139e5b0cdc84fcf44ea9ba3797f81d71696c290527f4842b924fbf
- SSDEEP
  
  384:9L7li/2zsTq2DcEQvdhcJKLTp/NK9xa1R:twM/Q9c1R
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2