General

  • Target

    7865fb5551e40e31cc9e824a9d5f750df967edd2cbe5a72c314e2d7c7c241857

  • Size

    12KB

  • Sample

    240522-bsw3fafh55

  • MD5

    2b887821f2ad5f68620565878f9930f3

  • SHA1

    9b060c27b03283e44f7a41869a88b0495d83d8ae

  • SHA256

    7865fb5551e40e31cc9e824a9d5f750df967edd2cbe5a72c314e2d7c7c241857

  • SHA512

    51e85f96d303f5a3259222ddd7d157e352adb5da91cd11b56f67096533509e4ba9e3319d90ef5f575b4ddcd9a232e9fcc73b0638f29b9352ddd410a7d69ade73

  • SSDEEP

    384:cL7li/2zWq2DcEQvdhcJKLTp/NK9xaPv:6OM/Q9cPv

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Matrix (ATT&CK v13)

  • Execution

    Scripting, T1064 (1)

  • Defense Evasion

    Scripting, T1064 (1)

  • Discovery

    Query Registry, T1012 (1)

    System Information Discovery, T1082 (2)
