1fd4e06080df51749dc02bb27a9d4d211feedf289ef6179ec6fe18d26cf57944 | Triage

Sharing

General

Target

1fd4e06080df51749dc02bb27a9d4d211feedf289ef6179ec6fe18d26cf57944
Size

12KB
Sample

240515-ynghhsha8z
MD5

0eae9145c5ddcd1953dffe1f3a895a23
SHA1

26818c1ec8b7ca067c18663331881e54f8900136
SHA256

1fd4e06080df51749dc02bb27a9d4d211feedf289ef6179ec6fe18d26cf57944
SHA512

b4728fa76554f7a5439cdb3d0493e6a76331c832e2469957144dc8d6deecb7f4c63eeec420f4f9882d2e937cced4801a6bbcf43a93539198e1bcedd743eb6fc8
SSDEEP

384:3L7li/2zCq2DcEQvdQcJKLTp/NK9xaE9:7KMCQ9cE9

Score

7^/10

Malware Config

Targets

- Target
  
  1fd4e06080df51749dc02bb27a9d4d211feedf289ef6179ec6fe18d26cf57944
- Size
  
  12KB
- MD5
  
  0eae9145c5ddcd1953dffe1f3a895a23
- SHA1
  
  26818c1ec8b7ca067c18663331881e54f8900136
- SHA256
  
  1fd4e06080df51749dc02bb27a9d4d211feedf289ef6179ec6fe18d26cf57944
- SHA512
  
  b4728fa76554f7a5439cdb3d0493e6a76331c832e2469957144dc8d6deecb7f4c63eeec420f4f9882d2e937cced4801a6bbcf43a93539198e1bcedd743eb6fc8
- SSDEEP
  
  384:3L7li/2zCq2DcEQvdQcJKLTp/NK9xaE9:7KMCQ9cE9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2