ab3434870dcfa6782eda146a76d70bed05e1693c43ab228abc3fb99e7ab945c9 | Triage

Sharing

General

Target

ab3434870dcfa6782eda146a76d70bed05e1693c43ab228abc3fb99e7ab945c9
Size

12KB
Sample

240517-c2e1ysdf36
MD5

58eec028c16c94111b4c77885a41a12c
SHA1

a1824748cc91053a835e6b2187c4c0f386eae583
SHA256

ab3434870dcfa6782eda146a76d70bed05e1693c43ab228abc3fb99e7ab945c9
SHA512

dc1e60c9e48fd020732a911787cd5352381a85f91f53b329c12206f2bf8b1a04fbef3a25341c62e211feac6546bac41e32cdd5313d7cd05b6bed727408c99a6a
SSDEEP

384:oL7li/2zRq2DcEQvdQcJKLTp/NK9xajL:WxMCQ9cjL

Score

7^/10

Malware Config

Targets

- Target
  
  ab3434870dcfa6782eda146a76d70bed05e1693c43ab228abc3fb99e7ab945c9
- Size
  
  12KB
- MD5
  
  58eec028c16c94111b4c77885a41a12c
- SHA1
  
  a1824748cc91053a835e6b2187c4c0f386eae583
- SHA256
  
  ab3434870dcfa6782eda146a76d70bed05e1693c43ab228abc3fb99e7ab945c9
- SHA512
  
  dc1e60c9e48fd020732a911787cd5352381a85f91f53b329c12206f2bf8b1a04fbef3a25341c62e211feac6546bac41e32cdd5313d7cd05b6bed727408c99a6a
- SSDEEP
  
  384:oL7li/2zRq2DcEQvdQcJKLTp/NK9xajL:WxMCQ9cjL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2