8faaf904aec43f9115f535ce47342ec6cd1ef95aa6008af7623a32b73f6e2f1f | Triage

Sharing

General

Target

8faaf904aec43f9115f535ce47342ec6cd1ef95aa6008af7623a32b73f6e2f1f
Size

12KB
Sample

240522-dkwstaac36
MD5

a935ad05746b25a6bea9be4bc7e981f3
SHA1

ca41c1f91d4af77347d7516cd2a20775e82f0eec
SHA256

8faaf904aec43f9115f535ce47342ec6cd1ef95aa6008af7623a32b73f6e2f1f
SHA512

981b3278cc1fa648ff9c19a88a60660d1190dfb18a6dbaa01dff93595f46aec415b71e7e905e2c7017d26c059759e3a2a7e9a3546fceef3ab1931eedd7ecfbbd
SSDEEP

384:+L7li/2zEq2DcEQvdhcJKLTp/NK9xaHJ:o4M/Q9cHJ

Score

7^/10

Malware Config

Targets

- Target
  
  8faaf904aec43f9115f535ce47342ec6cd1ef95aa6008af7623a32b73f6e2f1f
- Size
  
  12KB
- MD5
  
  a935ad05746b25a6bea9be4bc7e981f3
- SHA1
  
  ca41c1f91d4af77347d7516cd2a20775e82f0eec
- SHA256
  
  8faaf904aec43f9115f535ce47342ec6cd1ef95aa6008af7623a32b73f6e2f1f
- SHA512
  
  981b3278cc1fa648ff9c19a88a60660d1190dfb18a6dbaa01dff93595f46aec415b71e7e905e2c7017d26c059759e3a2a7e9a3546fceef3ab1931eedd7ecfbbd
- SSDEEP
  
  384:+L7li/2zEq2DcEQvdhcJKLTp/NK9xaHJ:o4M/Q9cHJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2