675f56d4331b2ae69087c4788abbd4f73ec1044bdf81f9e52d49ba2371cbc29b | Triage

Sharing

General

Target

675f56d4331b2ae69087c4788abbd4f73ec1044bdf81f9e52d49ba2371cbc29b
Size

12KB
Sample

240522-ag3keaee61
MD5

5b74c0468f1aa924133498513403a0b4
SHA1

0eab557df1420ed4306dfcde5eeb97e6981b37c1
SHA256

675f56d4331b2ae69087c4788abbd4f73ec1044bdf81f9e52d49ba2371cbc29b
SHA512

1514362412fadfd51254a069a3c5329f322c5e6199541e9dbcdfe074aebb7d709d02284873df784210422f52ca77a158135f456a7212461f080bda33e684bd18
SSDEEP

384:qL7li/2zQq2DcEQvdhcJKLTp/NK9xaOQ:0kM/Q9cOQ

Score

7^/10

Malware Config

Targets

- Target
  
  675f56d4331b2ae69087c4788abbd4f73ec1044bdf81f9e52d49ba2371cbc29b
- Size
  
  12KB
- MD5
  
  5b74c0468f1aa924133498513403a0b4
- SHA1
  
  0eab557df1420ed4306dfcde5eeb97e6981b37c1
- SHA256
  
  675f56d4331b2ae69087c4788abbd4f73ec1044bdf81f9e52d49ba2371cbc29b
- SHA512
  
  1514362412fadfd51254a069a3c5329f322c5e6199541e9dbcdfe074aebb7d709d02284873df784210422f52ca77a158135f456a7212461f080bda33e684bd18
- SSDEEP
  
  384:qL7li/2zQq2DcEQvdhcJKLTp/NK9xaOQ:0kM/Q9cOQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2