1fdff171ee161b518dce33426cbab9034bf48bcca8563d16e8ef923d589bbb44 | Triage

Sharing

General

Target

1fdff171ee161b518dce33426cbab9034bf48bcca8563d16e8ef923d589bbb44
Size

12KB
Sample

240530-ycvk1agg3y
MD5

c078a412683a55a2fabfe7351daf5aef
SHA1

d5b864368e318aab0740e41384c82e37b5fc398c
SHA256

1fdff171ee161b518dce33426cbab9034bf48bcca8563d16e8ef923d589bbb44
SHA512

7a0e29f72dab53f626a9feec6dc1474dc2225dde59d3c41fcd55ce9f07804ee0e18fc6cf366c54639a337fde78ed24aadf84fb5f780a70ef3bc81d5f1a09f664
SSDEEP

384:eL7li/2zbq2DcEQvdQcJKLTp/NK9xahW:IfMCQ9chW

Score

7^/10

Malware Config

Targets

- Target
  
  1fdff171ee161b518dce33426cbab9034bf48bcca8563d16e8ef923d589bbb44
- Size
  
  12KB
- MD5
  
  c078a412683a55a2fabfe7351daf5aef
- SHA1
  
  d5b864368e318aab0740e41384c82e37b5fc398c
- SHA256
  
  1fdff171ee161b518dce33426cbab9034bf48bcca8563d16e8ef923d589bbb44
- SHA512
  
  7a0e29f72dab53f626a9feec6dc1474dc2225dde59d3c41fcd55ce9f07804ee0e18fc6cf366c54639a337fde78ed24aadf84fb5f780a70ef3bc81d5f1a09f664
- SSDEEP
  
  384:eL7li/2zbq2DcEQvdQcJKLTp/NK9xahW:IfMCQ9chW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2