7b504de9ddaeb2eb85403c7dcc64fa1f9da0c1fe62d3acc1815f4d27d269f6b9 | Triage

Sharing

General

Target

7b504de9ddaeb2eb85403c7dcc64fa1f9da0c1fe62d3acc1815f4d27d269f6b9
Size

12KB
Sample

240522-3gg8padb87
MD5

01fdd626e033f1c89b8a7dfda074a3a0
SHA1

a62a589e7c1699b20099f3e7ed2a9084365022f7
SHA256

7b504de9ddaeb2eb85403c7dcc64fa1f9da0c1fe62d3acc1815f4d27d269f6b9
SHA512

0c083872ead06682e972b409784d759103d5487af67ee867d8b6284743c60bd99e0c61770b79de42822c52f7781b8db38f0fed81f24b3508fca91186a0103094
SSDEEP

384:pL7li/2zDlq2DcEQvdhcJKLTp/NK9xarp:ZZM/Q9crp

Score

7^/10

Malware Config

Targets

- Target
  
  7b504de9ddaeb2eb85403c7dcc64fa1f9da0c1fe62d3acc1815f4d27d269f6b9
- Size
  
  12KB
- MD5
  
  01fdd626e033f1c89b8a7dfda074a3a0
- SHA1
  
  a62a589e7c1699b20099f3e7ed2a9084365022f7
- SHA256
  
  7b504de9ddaeb2eb85403c7dcc64fa1f9da0c1fe62d3acc1815f4d27d269f6b9
- SHA512
  
  0c083872ead06682e972b409784d759103d5487af67ee867d8b6284743c60bd99e0c61770b79de42822c52f7781b8db38f0fed81f24b3508fca91186a0103094
- SSDEEP
  
  384:pL7li/2zDlq2DcEQvdhcJKLTp/NK9xarp:ZZM/Q9crp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2