c679b0af2d58f3ca6efcaf24df356341f3feadfd3d325193e0d847a1d64182ad | Triage

Sharing

General

Target

c679b0af2d58f3ca6efcaf24df356341f3feadfd3d325193e0d847a1d64182ad
Size

12KB
Sample

240527-c1apvadb6z
MD5

b912a402c5c743b4fa0db4c9beded7a5
SHA1

c64ae82aed37a3506450db09b5e4a5205fc009a2
SHA256

c679b0af2d58f3ca6efcaf24df356341f3feadfd3d325193e0d847a1d64182ad
SHA512

dc973419fd632d9b7e497894c51edef6fb3439dba8cbbc9e702cf4fc057d4702075ba79a0ea69706d0b2373fb7249154d8b92577e4386c1f024134a6fe98ab72
SSDEEP

384:LL7li/2zZq2DcEQvdhcJKLTp/NK9xaSs:fxM/Q9cSs

Score

7^/10

Malware Config

Targets

- Target
  
  c679b0af2d58f3ca6efcaf24df356341f3feadfd3d325193e0d847a1d64182ad
- Size
  
  12KB
- MD5
  
  b912a402c5c743b4fa0db4c9beded7a5
- SHA1
  
  c64ae82aed37a3506450db09b5e4a5205fc009a2
- SHA256
  
  c679b0af2d58f3ca6efcaf24df356341f3feadfd3d325193e0d847a1d64182ad
- SHA512
  
  dc973419fd632d9b7e497894c51edef6fb3439dba8cbbc9e702cf4fc057d4702075ba79a0ea69706d0b2373fb7249154d8b92577e4386c1f024134a6fe98ab72
- SSDEEP
  
  384:LL7li/2zZq2DcEQvdhcJKLTp/NK9xaSs:fxM/Q9cSs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2