9cf5497db9b4f213048cf3301e24194981b23ad982938ba91775af860560b8e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cf5497db9b4f213048cf3301e24194981b23ad982938ba91775af860560b8e9
Size

12KB
Sample

240527-a481psbb39
MD5

6f8008a392ad15deaea9fccf4bd4fe4a
SHA1

50c34f05cf45db61cf0cb117c8ec905b90bf7265
SHA256

9cf5497db9b4f213048cf3301e24194981b23ad982938ba91775af860560b8e9
SHA512

c3a253b834d2e88be4885d0a5f833a0423086f082f6d23eefe37cc23cbb0f18997517f6a7372c953edcf2fd64bf16f27132a21a9b45faa91b9142cf876cc2d41
SSDEEP

384:VL7li/2z9q2DcEQvdhcJKLTp/NK9xafv:1FM/Q9cfv

Score

7^/10

Malware Config

Targets

- Target
  
  9cf5497db9b4f213048cf3301e24194981b23ad982938ba91775af860560b8e9
- Size
  
  12KB
- MD5
  
  6f8008a392ad15deaea9fccf4bd4fe4a
- SHA1
  
  50c34f05cf45db61cf0cb117c8ec905b90bf7265
- SHA256
  
  9cf5497db9b4f213048cf3301e24194981b23ad982938ba91775af860560b8e9
- SHA512
  
  c3a253b834d2e88be4885d0a5f833a0423086f082f6d23eefe37cc23cbb0f18997517f6a7372c953edcf2fd64bf16f27132a21a9b45faa91b9142cf876cc2d41
- SSDEEP
  
  384:VL7li/2z9q2DcEQvdhcJKLTp/NK9xafv:1FM/Q9cfv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2