3cc0f3d7ce58a5972c0fcb1e4be534e34012a7c12b3c449e767df09d57cb0e8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc0f3d7ce58a5972c0fcb1e4be534e34012a7c12b3c449e767df09d57cb0e8b
Size

12KB
Sample

240527-z3h6bsbd47
MD5

fca2594763b5ceae79b5d4cbb8a6aca1
SHA1

fa70f1457216d197e160b8ca372e281f6df86615
SHA256

3cc0f3d7ce58a5972c0fcb1e4be534e34012a7c12b3c449e767df09d57cb0e8b
SHA512

b330b6b8ad41c48f32e91aa22a7779508c34e9ae31e2fee679f98897d1ae7d9aafcc3ac605371b54cfa0a739997e8d7c5bd622ed66cfc06be97803bd6af92271
SSDEEP

384:9L7li/2zlq2DcEQvdhcJKLTp/NK9xa9e:t9M/Q9c9e

Score

7^/10

Malware Config

Targets

- Target
  
  3cc0f3d7ce58a5972c0fcb1e4be534e34012a7c12b3c449e767df09d57cb0e8b
- Size
  
  12KB
- MD5
  
  fca2594763b5ceae79b5d4cbb8a6aca1
- SHA1
  
  fa70f1457216d197e160b8ca372e281f6df86615
- SHA256
  
  3cc0f3d7ce58a5972c0fcb1e4be534e34012a7c12b3c449e767df09d57cb0e8b
- SHA512
  
  b330b6b8ad41c48f32e91aa22a7779508c34e9ae31e2fee679f98897d1ae7d9aafcc3ac605371b54cfa0a739997e8d7c5bd622ed66cfc06be97803bd6af92271
- SSDEEP
  
  384:9L7li/2zlq2DcEQvdhcJKLTp/NK9xa9e:t9M/Q9c9e
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2