87e044bfd76b2473e0622f607a22c8501bc80d21150a0cce78b01122b8c9bb11 | Triage

Sharing

General

Target

87e044bfd76b2473e0622f607a22c8501bc80d21150a0cce78b01122b8c9bb11
Size

12KB
Sample

240522-c1rncshg2y
MD5

4079e086d7d00f7514942ec9b0f9e6aa
SHA1

f2941f8dfd886bd98cb64b7a6fbd9c9b9fd87dbd
SHA256

87e044bfd76b2473e0622f607a22c8501bc80d21150a0cce78b01122b8c9bb11
SHA512

68fd6e11e70f45e5bad4eee89ec870b2a2c7be15cee8dd87910d13d86c898378c911dcfafcaa3db9c634fe555f9d7e354e2edb443c2dd82a27774fcc2b7e16c4
SSDEEP

384:CL7li/2zEq2DcEQvdhcJKLTp/NK9xarF:coM/Q9crF

Score

7^/10

Malware Config

Targets

- Target
  
  87e044bfd76b2473e0622f607a22c8501bc80d21150a0cce78b01122b8c9bb11
- Size
  
  12KB
- MD5
  
  4079e086d7d00f7514942ec9b0f9e6aa
- SHA1
  
  f2941f8dfd886bd98cb64b7a6fbd9c9b9fd87dbd
- SHA256
  
  87e044bfd76b2473e0622f607a22c8501bc80d21150a0cce78b01122b8c9bb11
- SHA512
  
  68fd6e11e70f45e5bad4eee89ec870b2a2c7be15cee8dd87910d13d86c898378c911dcfafcaa3db9c634fe555f9d7e354e2edb443c2dd82a27774fcc2b7e16c4
- SSDEEP
  
  384:CL7li/2zEq2DcEQvdhcJKLTp/NK9xarF:coM/Q9crF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2