918eab8e1de86f38d83f66d97a3e9f26f76ab0ec54feab43540d50c29fa05f77 | Triage

Sharing

General

Target

918eab8e1de86f38d83f66d97a3e9f26f76ab0ec54feab43540d50c29fa05f77
Size

12KB
Sample

240528-a4l6yagb51
MD5

a37b639c3d3d15621d92412478f20e2c
SHA1

f066f7587fff6236fc02659774c64da23f5ff382
SHA256

918eab8e1de86f38d83f66d97a3e9f26f76ab0ec54feab43540d50c29fa05f77
SHA512

1264463ae943f3ee0ad75df3777f4b5ed0cb3acbc879cb0fd3243573449a29d6e99e92f85a8887cdff1dcea7b5e285857a1bb5d6d6a248e4c7c886a692bd10d2
SSDEEP

384:DL7li/2z4q2DcEQvdhcJKLTp/NK9xaWN:H0M/Q9cWN

Score

7^/10

Malware Config

Targets

- Target
  
  918eab8e1de86f38d83f66d97a3e9f26f76ab0ec54feab43540d50c29fa05f77
- Size
  
  12KB
- MD5
  
  a37b639c3d3d15621d92412478f20e2c
- SHA1
  
  f066f7587fff6236fc02659774c64da23f5ff382
- SHA256
  
  918eab8e1de86f38d83f66d97a3e9f26f76ab0ec54feab43540d50c29fa05f77
- SHA512
  
  1264463ae943f3ee0ad75df3777f4b5ed0cb3acbc879cb0fd3243573449a29d6e99e92f85a8887cdff1dcea7b5e285857a1bb5d6d6a248e4c7c886a692bd10d2
- SSDEEP
  
  384:DL7li/2z4q2DcEQvdhcJKLTp/NK9xaWN:H0M/Q9cWN
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2