9427de15467591a16cfb1970ba8f1b98ba4cb488ed84e613a6d489be91cc0241 | Triage

Sharing

General

Target

9427de15467591a16cfb1970ba8f1b98ba4cb488ed84e613a6d489be91cc0241
Size

12KB
Sample

240522-dwnlksae66
MD5

9d76d6a5d258d87f04b6db88d63c24bc
SHA1

9c84b644f75ce351860104b61551ca9223164b5b
SHA256

9427de15467591a16cfb1970ba8f1b98ba4cb488ed84e613a6d489be91cc0241
SHA512

8b9588178bbf7c08a935eab80e924f1e82ead40c50fa3d9ec51bd0efe8c6df59083957fc12a6db116e9e583ba16c926cb18e5219a9b1e81844ad263e1eec6384
SSDEEP

384:rL7li/2z9q2DcEQvdhcJKLTp/NK9xaaP:/FM/Q9caP

Score

7^/10

Malware Config

Targets

- Target
  
  9427de15467591a16cfb1970ba8f1b98ba4cb488ed84e613a6d489be91cc0241
- Size
  
  12KB
- MD5
  
  9d76d6a5d258d87f04b6db88d63c24bc
- SHA1
  
  9c84b644f75ce351860104b61551ca9223164b5b
- SHA256
  
  9427de15467591a16cfb1970ba8f1b98ba4cb488ed84e613a6d489be91cc0241
- SHA512
  
  8b9588178bbf7c08a935eab80e924f1e82ead40c50fa3d9ec51bd0efe8c6df59083957fc12a6db116e9e583ba16c926cb18e5219a9b1e81844ad263e1eec6384
- SSDEEP
  
  384:rL7li/2z9q2DcEQvdhcJKLTp/NK9xaaP:/FM/Q9caP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2