407cde8101a3f04d2e4c9c632c771a3f3fc5db48c14c0ad85f76e8ae50fea6c1 | Triage

Sharing

General

Target

407cde8101a3f04d2e4c9c632c771a3f3fc5db48c14c0ad85f76e8ae50fea6c1.vbe
Size

720KB
Sample

240522-btj49sgb3v
MD5

08916398d60045637fa6b2f5d5ef89e6
SHA1

2f1bd5cc4c5649fb7e034e48861de256b76ce06f
SHA256

407cde8101a3f04d2e4c9c632c771a3f3fc5db48c14c0ad85f76e8ae50fea6c1
SHA512

a036b6b80070a7f7928b7ed521572ff7b8401236c604c53aafe91d9862215e1df897ba84a380eb78da996d760b4a29f5642c60b68d0df45e418b8c726d6b8c58
SSDEEP

6144:TsyS5Hz0L9jTGquGSqCG2NPnbY/0M7xxMldTSsp3vraSEPW/snrOLNC51gdQl7VB:vCRT+WPxm3pfqiMwc/MVqAd+O

Score

8^/10

Malware Config

Targets

- Target
  
  407cde8101a3f04d2e4c9c632c771a3f3fc5db48c14c0ad85f76e8ae50fea6c1.vbe
- Size
  
  720KB
- MD5
  
  08916398d60045637fa6b2f5d5ef89e6
- SHA1
  
  2f1bd5cc4c5649fb7e034e48861de256b76ce06f
- SHA256
  
  407cde8101a3f04d2e4c9c632c771a3f3fc5db48c14c0ad85f76e8ae50fea6c1
- SHA512
  
  a036b6b80070a7f7928b7ed521572ff7b8401236c604c53aafe91d9862215e1df897ba84a380eb78da996d760b4a29f5642c60b68d0df45e418b8c726d6b8c58
- SSDEEP
  
  6144:TsyS5Hz0L9jTGquGSqCG2NPnbY/0M7xxMldTSsp3vraSEPW/snrOLNC51gdQl7VB:vCRT+WPxm3pfqiMwc/MVqAd+O
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2