22114eb2173c7aa72e649b3e416a0f5beae3e5fbdf68bba549eb9803ba6d2ebb | Triage

Sharing

General

Target

22114eb2173c7aa72e649b3e416a0f5beae3e5fbdf68bba549eb9803ba6d2ebb
Size

12KB
Sample

240521-yebwnsgd8x
MD5

2f773450a270914637e077e3abf22eb9
SHA1

50e57b7c113604c9ee2ee2b3bd945985998f33f6
SHA256

22114eb2173c7aa72e649b3e416a0f5beae3e5fbdf68bba549eb9803ba6d2ebb
SHA512

bd35c184d8656c99737344732fa3ab11d4e0caf5c05f1ece2e6eedf2553e79b37f2ac54552546dc03ce27d72363b083d6319ec623928c1d7d1dd67c7be157181
SSDEEP

384:0L7li/2zpq2DcEQvdhcJKLTp/NK9xa8A:ihM/Q9c8A

Score

7^/10

Malware Config

Targets

- Target
  
  22114eb2173c7aa72e649b3e416a0f5beae3e5fbdf68bba549eb9803ba6d2ebb
- Size
  
  12KB
- MD5
  
  2f773450a270914637e077e3abf22eb9
- SHA1
  
  50e57b7c113604c9ee2ee2b3bd945985998f33f6
- SHA256
  
  22114eb2173c7aa72e649b3e416a0f5beae3e5fbdf68bba549eb9803ba6d2ebb
- SHA512
  
  bd35c184d8656c99737344732fa3ab11d4e0caf5c05f1ece2e6eedf2553e79b37f2ac54552546dc03ce27d72363b083d6319ec623928c1d7d1dd67c7be157181
- SSDEEP
  
  384:0L7li/2zpq2DcEQvdhcJKLTp/NK9xa8A:ihM/Q9c8A
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2