2f5f773b2d4e6c020571c07204159784f17c84b99b66085f56f73a2e34517de9 | Triage

Sharing

General

Target

2f5f773b2d4e6c020571c07204159784f17c84b99b66085f56f73a2e34517de9
Size

12KB
Sample

240515-zbdrjaah68
MD5

d5156d6021e93fdefbbf8bb3d1efe6ab
SHA1

81870cec5a4bbaf1d6e082ab3e299aa3cfdd1c21
SHA256

2f5f773b2d4e6c020571c07204159784f17c84b99b66085f56f73a2e34517de9
SHA512

e15383135836e00b07bd3095e4fe534e3492026632f6a830b7c0950d00362a49ac81c1558558e6a8e70da89aaefd0c5bee21dd919b3d7ffe1ac5b60f7a787f16
SSDEEP

384:JL7li/2zkq2DcEQvdhcJKLTp/NK9xa6a:5QM/Q9c6a

Score

7^/10

Malware Config

Targets

- Target
  
  2f5f773b2d4e6c020571c07204159784f17c84b99b66085f56f73a2e34517de9
- Size
  
  12KB
- MD5
  
  d5156d6021e93fdefbbf8bb3d1efe6ab
- SHA1
  
  81870cec5a4bbaf1d6e082ab3e299aa3cfdd1c21
- SHA256
  
  2f5f773b2d4e6c020571c07204159784f17c84b99b66085f56f73a2e34517de9
- SHA512
  
  e15383135836e00b07bd3095e4fe534e3492026632f6a830b7c0950d00362a49ac81c1558558e6a8e70da89aaefd0c5bee21dd919b3d7ffe1ac5b60f7a787f16
- SSDEEP
  
  384:JL7li/2zkq2DcEQvdhcJKLTp/NK9xa6a:5QM/Q9c6a
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2