9fe769d46b04ae04d5d4827fdfacbafbf3d354ebb9e9996377dee9eeb4a0d24e | Triage

Sharing

General

Target

9fe769d46b04ae04d5d4827fdfacbafbf3d354ebb9e9996377dee9eeb4a0d24e
Size

12KB
Sample

240524-bjv4safh94
MD5

7875b761f01649cbdf43f5ad77ee0d72
SHA1

b1d791783444aee8aba806d6fe528ea5b179f9ca
SHA256

9fe769d46b04ae04d5d4827fdfacbafbf3d354ebb9e9996377dee9eeb4a0d24e
SHA512

259257fc3659188a4e05b2e0c3046dbad3c9fb4e014ef4bba28ad3d47110827a6adb4c5bd88d664e1048ccac96eba4513e6c8bdd6edc3651e9dfb2e0a5ff24ab
SSDEEP

384:VL7li/2zWq2DcEQvdhcJKLTp/NK9xaJw:12M/Q9cJw

Score

7^/10

Malware Config

Targets

- Target
  
  9fe769d46b04ae04d5d4827fdfacbafbf3d354ebb9e9996377dee9eeb4a0d24e
- Size
  
  12KB
- MD5
  
  7875b761f01649cbdf43f5ad77ee0d72
- SHA1
  
  b1d791783444aee8aba806d6fe528ea5b179f9ca
- SHA256
  
  9fe769d46b04ae04d5d4827fdfacbafbf3d354ebb9e9996377dee9eeb4a0d24e
- SHA512
  
  259257fc3659188a4e05b2e0c3046dbad3c9fb4e014ef4bba28ad3d47110827a6adb4c5bd88d664e1048ccac96eba4513e6c8bdd6edc3651e9dfb2e0a5ff24ab
- SSDEEP
  
  384:VL7li/2zWq2DcEQvdhcJKLTp/NK9xaJw:12M/Q9cJw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2