492ddcbe0658c0c42ddeabe16748eb265f5f3c9cfc4c5f4e7ca6ad60ba969054 | Triage

Sharing

General

Target

492ddcbe0658c0c42ddeabe16748eb265f5f3c9cfc4c5f4e7ca6ad60ba969054.exe
Size

12KB
Sample

240522-14ltaaah68
MD5

18be8734f158add81a1d6123270c7e10
SHA1

33e6e05ec5f55c7945b8993dcb947ad4b3a6c165
SHA256

492ddcbe0658c0c42ddeabe16748eb265f5f3c9cfc4c5f4e7ca6ad60ba969054
SHA512

a87de3c25201319c005c14a9328eada2640b220c8c618df3cf6e22dfcecd80b9deb240a87ed33f3e7a5ba2ab62a851003a8661187a52b931d3bc825d57f3ce47
SSDEEP

384:EL7li/2z8q2DcEQvdhcJKLTp/NK9xaet:S4M/Q9cet

Score

7^/10

Malware Config

Targets

- Target
  
  492ddcbe0658c0c42ddeabe16748eb265f5f3c9cfc4c5f4e7ca6ad60ba969054.exe
- Size
  
  12KB
- MD5
  
  18be8734f158add81a1d6123270c7e10
- SHA1
  
  33e6e05ec5f55c7945b8993dcb947ad4b3a6c165
- SHA256
  
  492ddcbe0658c0c42ddeabe16748eb265f5f3c9cfc4c5f4e7ca6ad60ba969054
- SHA512
  
  a87de3c25201319c005c14a9328eada2640b220c8c618df3cf6e22dfcecd80b9deb240a87ed33f3e7a5ba2ab62a851003a8661187a52b931d3bc825d57f3ce47
- SSDEEP
  
  384:EL7li/2z8q2DcEQvdhcJKLTp/NK9xaet:S4M/Q9cet
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2