e8a5b2b11dc992e27b289dc6576039454f76a471ef6a2fc63c545f5299b01e3f | Triage

Sharing

General

Target

e8a5b2b11dc992e27b289dc6576039454f76a471ef6a2fc63c545f5299b01e3f
Size

12KB
Sample

240527-ekdsnsgd73
MD5

7f3b36803cad4ef33701fa937a792eb9
SHA1

e7eaa8dd6b6abbdd2f0e1a6979a62e37dd0b9063
SHA256

e8a5b2b11dc992e27b289dc6576039454f76a471ef6a2fc63c545f5299b01e3f
SHA512

7e0aee2b2e17bc9d8b40515a4e1ed4713806f192fc5508304294de937584dd99e9b605e3363ab45b881ddab6aab8eab0c234f05788f4cd8cc30cfd542d06e26a
SSDEEP

384:XL7li/2zseq2DcEQvdhcJKLTp/NK9xavw:blM/Q9cvw

Score

7^/10

Malware Config

Targets

- Target
  
  e8a5b2b11dc992e27b289dc6576039454f76a471ef6a2fc63c545f5299b01e3f
- Size
  
  12KB
- MD5
  
  7f3b36803cad4ef33701fa937a792eb9
- SHA1
  
  e7eaa8dd6b6abbdd2f0e1a6979a62e37dd0b9063
- SHA256
  
  e8a5b2b11dc992e27b289dc6576039454f76a471ef6a2fc63c545f5299b01e3f
- SHA512
  
  7e0aee2b2e17bc9d8b40515a4e1ed4713806f192fc5508304294de937584dd99e9b605e3363ab45b881ddab6aab8eab0c234f05788f4cd8cc30cfd542d06e26a
- SSDEEP
  
  384:XL7li/2zseq2DcEQvdhcJKLTp/NK9xavw:blM/Q9cvw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2