6f544c6850f0ecccb250c1e1a983a770a602a3115c2aed019830e940673d42b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f544c6850f0ecccb250c1e1a983a770a602a3115c2aed019830e940673d42b3
Size

12KB
Sample

240531-22e4dshf28
MD5

4c31fd56e079d7eac48af3c56c0deedd
SHA1

1f968f55454955f5da663502cac2a2491b91a78c
SHA256

6f544c6850f0ecccb250c1e1a983a770a602a3115c2aed019830e940673d42b3
SHA512

3ebc92e5c90ce16be586ef86af087450016ef1cd6eaf4ec2496b0146c444386601a72617babb8b9ebe87401decca6205488a32eac6e24c786cb83ccc96862f95
SSDEEP

384:QL7li/2z8q2DcEQvdhcJKLTp/NK9xa60:OIM/Q9c60

Score

7^/10

Malware Config

Targets

- Target
  
  6f544c6850f0ecccb250c1e1a983a770a602a3115c2aed019830e940673d42b3
- Size
  
  12KB
- MD5
  
  4c31fd56e079d7eac48af3c56c0deedd
- SHA1
  
  1f968f55454955f5da663502cac2a2491b91a78c
- SHA256
  
  6f544c6850f0ecccb250c1e1a983a770a602a3115c2aed019830e940673d42b3
- SHA512
  
  3ebc92e5c90ce16be586ef86af087450016ef1cd6eaf4ec2496b0146c444386601a72617babb8b9ebe87401decca6205488a32eac6e24c786cb83ccc96862f95
- SSDEEP
  
  384:QL7li/2z8q2DcEQvdhcJKLTp/NK9xa60:OIM/Q9c60
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2