General

  • Target

    82fee8cc1bd1d4e2d421c4a221f995c6717bbb1c0319326251a9813b0c570606

  • Size

    12KB

  • Sample

    240522-cp45bahc71

  • MD5

    97c2f337efefa97a8cc9be6905cc0d64

  • SHA1

    bc9bd8206209c63dfbcdfab3e833463e81fd78ae

  • SHA256

    82fee8cc1bd1d4e2d421c4a221f995c6717bbb1c0319326251a9813b0c570606

  • SHA512

    6687aca0ca95953340076b2b55e82c6ddad460cf950a63784ecd979ed72afe0f644538523916d69ee39ce2a9b878a559ba534da21ed4bcc474b23cb98f017979

  • SSDEEP

    384:1L7li/2zCq2DcEQvdhcJKLTp/NK9xarU:VSM/Q9crU

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Matrix (ATT&CK v13)

  • Execution

    Scripting, T1064 (1)

  • Defense Evasion

    Scripting, T1064 (1)

  • Discovery

    Query Registry, T1012 (1)

    System Information Discovery, T1082 (2)
