bfbee2118ac95820fa10aa30c113b60478d5efd64a6844ec43008368de57c229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfbee2118ac95820fa10aa30c113b60478d5efd64a6844ec43008368de57c229
Size

12KB
Sample

240601-c7v95afb7w
MD5

74ff2c2b59be172afecec7398b9ba9a5
SHA1

e176ae13fcefa2cbc68ba39099e756e4ab7fa0f1
SHA256

bfbee2118ac95820fa10aa30c113b60478d5efd64a6844ec43008368de57c229
SHA512

4d64ec8954bf658c592927fd6039cf22ca16b5c8336deffba8b087390fe88ee3bf2b45c14f9a6490f742e371a81a1c7f5ad1a40b3c9478c6f01fa006e752bd5e
SSDEEP

384:XL7li/2zhq2DcEQvdQcJKLTp/NK9xaJA:bZMCQ9cJA

Score

7^/10

Malware Config

Targets

- Target
  
  bfbee2118ac95820fa10aa30c113b60478d5efd64a6844ec43008368de57c229
- Size
  
  12KB
- MD5
  
  74ff2c2b59be172afecec7398b9ba9a5
- SHA1
  
  e176ae13fcefa2cbc68ba39099e756e4ab7fa0f1
- SHA256
  
  bfbee2118ac95820fa10aa30c113b60478d5efd64a6844ec43008368de57c229
- SHA512
  
  4d64ec8954bf658c592927fd6039cf22ca16b5c8336deffba8b087390fe88ee3bf2b45c14f9a6490f742e371a81a1c7f5ad1a40b3c9478c6f01fa006e752bd5e
- SSDEEP
  
  384:XL7li/2zhq2DcEQvdQcJKLTp/NK9xaJA:bZMCQ9cJA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2