8b5e1a8a099ef3b700a4af6e1084cd288596fb06dfe8c8e06cf1984aace7da70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b5e1a8a099ef3b700a4af6e1084cd288596fb06dfe8c8e06cf1984aace7da70
Size

12KB
Sample

240601-3s7bysbg94
MD5

3450ad8fbb0b469b1d077fcfd7c8dee1
SHA1

ddaf0b2c604c7b920355a47e64fd55890ab569fb
SHA256

8b5e1a8a099ef3b700a4af6e1084cd288596fb06dfe8c8e06cf1984aace7da70
SHA512

9e54ddb10928f424c6ec72675e8724fb18cbd4f232f2bf49784049a21d2f4e653557b9dec8579713fd2fd7c34025a7832511be85ee31774c46af138560fad86c
SSDEEP

384:JL7li/2zlq2DcEQvdhcJKLTp/NK9xaT9:5lM/Q9cT9

Score

7^/10

Malware Config

Targets

- Target
  
  8b5e1a8a099ef3b700a4af6e1084cd288596fb06dfe8c8e06cf1984aace7da70
- Size
  
  12KB
- MD5
  
  3450ad8fbb0b469b1d077fcfd7c8dee1
- SHA1
  
  ddaf0b2c604c7b920355a47e64fd55890ab569fb
- SHA256
  
  8b5e1a8a099ef3b700a4af6e1084cd288596fb06dfe8c8e06cf1984aace7da70
- SHA512
  
  9e54ddb10928f424c6ec72675e8724fb18cbd4f232f2bf49784049a21d2f4e653557b9dec8579713fd2fd7c34025a7832511be85ee31774c46af138560fad86c
- SSDEEP
  
  384:JL7li/2zlq2DcEQvdhcJKLTp/NK9xaT9:5lM/Q9cT9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2