51614109b8d2b59a1c138417f410bbf0267536165174f18b127d2f593ad1d4cf | Triage

Sharing

General

Target

51614109b8d2b59a1c138417f410bbf0267536165174f18b127d2f593ad1d4cf.exe
Size

12KB
Sample

240522-2ve5tacb55
MD5

235bad5785640a23173b6424bcc1a650
SHA1

4ebb71a2e03f2d44acefacf1e922ec21825f1859
SHA256

51614109b8d2b59a1c138417f410bbf0267536165174f18b127d2f593ad1d4cf
SHA512

e9e6ef1677168c959af162c554e93f546e646f6a88e2e6e0bb55fa9bb471ca07a7ba6fed48d0bb0d94d68edfc6f1075bbb38ede943f78613ea0bee44ef6d869c
SSDEEP

384:aL7li/2zoq2DcEQvdhcJKLTp/NK9xa8e:EMM/Q9c8e

Score

7^/10

Malware Config

Targets

- Target
  
  51614109b8d2b59a1c138417f410bbf0267536165174f18b127d2f593ad1d4cf.exe
- Size
  
  12KB
- MD5
  
  235bad5785640a23173b6424bcc1a650
- SHA1
  
  4ebb71a2e03f2d44acefacf1e922ec21825f1859
- SHA256
  
  51614109b8d2b59a1c138417f410bbf0267536165174f18b127d2f593ad1d4cf
- SHA512
  
  e9e6ef1677168c959af162c554e93f546e646f6a88e2e6e0bb55fa9bb471ca07a7ba6fed48d0bb0d94d68edfc6f1075bbb38ede943f78613ea0bee44ef6d869c
- SSDEEP
  
  384:aL7li/2zoq2DcEQvdhcJKLTp/NK9xa8e:EMM/Q9c8e
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2