19fcbfe54fca0bace2d0f1ab9fc6f4fdf3263d560ad514bdb12303cedb3025fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19fcbfe54fca0bace2d0f1ab9fc6f4fdf3263d560ad514bdb12303cedb3025fc
Size

12KB
Sample

240528-xt1b5she69
MD5

7287a3c66a30c177a69cab091eeeaa4c
SHA1

a0a8e86f4cd932f2c9c987dee0601760333b05fa
SHA256

19fcbfe54fca0bace2d0f1ab9fc6f4fdf3263d560ad514bdb12303cedb3025fc
SHA512

da8a99de77113243dbeb4ea1df517650c6690e9e922366f9b16b6f6b321ed2c4ee8b36b47c471d75de2402f0545bdfd2f8570f6f08b7bff6cb081ecebe8fd166
SSDEEP

384:ML7li/2zWq2DcEQvdhcJKLTp/NK9xanU:K2M/Q9cnU

Score

7^/10

Malware Config

Targets

- Target
  
  19fcbfe54fca0bace2d0f1ab9fc6f4fdf3263d560ad514bdb12303cedb3025fc
- Size
  
  12KB
- MD5
  
  7287a3c66a30c177a69cab091eeeaa4c
- SHA1
  
  a0a8e86f4cd932f2c9c987dee0601760333b05fa
- SHA256
  
  19fcbfe54fca0bace2d0f1ab9fc6f4fdf3263d560ad514bdb12303cedb3025fc
- SHA512
  
  da8a99de77113243dbeb4ea1df517650c6690e9e922366f9b16b6f6b321ed2c4ee8b36b47c471d75de2402f0545bdfd2f8570f6f08b7bff6cb081ecebe8fd166
- SSDEEP
  
  384:ML7li/2zWq2DcEQvdhcJKLTp/NK9xanU:K2M/Q9cnU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2