3a96eeb87ce086ffebeed8d20b7dab8a4021a385e628f4ac9151ef16b63736c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a96eeb87ce086ffebeed8d20b7dab8a4021a385e628f4ac9151ef16b63736c7
Size

12KB
Sample

240521-1c217abb53
MD5

41e64acab88ee33295780014985e72e3
SHA1

d88b84226d0d284a040e4af1ccdc23ea293a92a0
SHA256

3a96eeb87ce086ffebeed8d20b7dab8a4021a385e628f4ac9151ef16b63736c7
SHA512

c60c0065891c22dbb1a226edc2ded1427372a2dc19428ae6698de4db27dfa2028302c609097bd4a15900adfbe3843f7d3e3c1c7cc270af93126fba82a38c821b
SSDEEP

384:tL7li/2zqq2DcEQvdhcJKLTp/NK9xa90:96M/Q9c90

Score

7^/10

Malware Config

Targets

- Target
  
  3a96eeb87ce086ffebeed8d20b7dab8a4021a385e628f4ac9151ef16b63736c7
- Size
  
  12KB
- MD5
  
  41e64acab88ee33295780014985e72e3
- SHA1
  
  d88b84226d0d284a040e4af1ccdc23ea293a92a0
- SHA256
  
  3a96eeb87ce086ffebeed8d20b7dab8a4021a385e628f4ac9151ef16b63736c7
- SHA512
  
  c60c0065891c22dbb1a226edc2ded1427372a2dc19428ae6698de4db27dfa2028302c609097bd4a15900adfbe3843f7d3e3c1c7cc270af93126fba82a38c821b
- SSDEEP
  
  384:tL7li/2zqq2DcEQvdhcJKLTp/NK9xa90:96M/Q9c90
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2