96e996b3f1be63ded8f9731feca578cb51ee29aee05c507ea860eb485211f67d | Triage

Sharing

General

Target

96e996b3f1be63ded8f9731feca578cb51ee29aee05c507ea860eb485211f67d
Size

12KB
Sample

240522-d8vknaah38
MD5

89b1b2d257aff854463e39c0d28153c0
SHA1

5831ba6d5404ad10e80c804dce52d3ba85604389
SHA256

96e996b3f1be63ded8f9731feca578cb51ee29aee05c507ea860eb485211f67d
SHA512

4d6b446d5ed2a0d9c0f99c34f3f2290a73886ba73ea4cdd1945af1f2a8f08bf7051b15f4bd224b520ac76262eabd2211ff25c718cb99cc47e46c17650628dfc5
SSDEEP

384:jL7li/2zuq2DcEQvdhcJKLTp/NK9xaEUc:nmM/Q9cxc

Score

7^/10

Malware Config

Targets

- Target
  
  96e996b3f1be63ded8f9731feca578cb51ee29aee05c507ea860eb485211f67d
- Size
  
  12KB
- MD5
  
  89b1b2d257aff854463e39c0d28153c0
- SHA1
  
  5831ba6d5404ad10e80c804dce52d3ba85604389
- SHA256
  
  96e996b3f1be63ded8f9731feca578cb51ee29aee05c507ea860eb485211f67d
- SHA512
  
  4d6b446d5ed2a0d9c0f99c34f3f2290a73886ba73ea4cdd1945af1f2a8f08bf7051b15f4bd224b520ac76262eabd2211ff25c718cb99cc47e46c17650628dfc5
- SSDEEP
  
  384:jL7li/2zuq2DcEQvdhcJKLTp/NK9xaEUc:nmM/Q9cxc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2