7221ba368255b4015d0778073af37a70f5230e49662ac06ae884a9582292e027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7221ba368255b4015d0778073af37a70f5230e49662ac06ae884a9582292e027.exe
Size

12KB
Sample

240523-cby15shf78
MD5

0b0da940152d8fd4cafc09b0ed6f7f40
SHA1

01f2a08d3a1ea4bf9353c44bb825a0393ba968c7
SHA256

7221ba368255b4015d0778073af37a70f5230e49662ac06ae884a9582292e027
SHA512

05ea9442a26bc8527da6ef5b47a174f8731c82c5ab326e18aaa9841ae095d633c2584c199d656b7000d264f6b9c63993bd7a5b0239242c5178d640ee8fab663f
SSDEEP

384:iL7li/2zHq2DcEQvdhcJKLTp/NK9xa/M:8TM/Q9c/M

Score

7^/10

Malware Config

Targets

- Target
  
  7221ba368255b4015d0778073af37a70f5230e49662ac06ae884a9582292e027.exe
- Size
  
  12KB
- MD5
  
  0b0da940152d8fd4cafc09b0ed6f7f40
- SHA1
  
  01f2a08d3a1ea4bf9353c44bb825a0393ba968c7
- SHA256
  
  7221ba368255b4015d0778073af37a70f5230e49662ac06ae884a9582292e027
- SHA512
  
  05ea9442a26bc8527da6ef5b47a174f8731c82c5ab326e18aaa9841ae095d633c2584c199d656b7000d264f6b9c63993bd7a5b0239242c5178d640ee8fab663f
- SSDEEP
  
  384:iL7li/2zHq2DcEQvdhcJKLTp/NK9xa/M:8TM/Q9c/M
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2