07068d96e729b71a0854d276dc25e5487ea2be0716cee4ac5e05424bb6c3a6f7 | Triage

Sharing

General

Target

virussign.com_793eec4eb7a3b8baf42e81dd7f0ce920.vir
Size

12KB
Sample

240602-lckdtaha9s
MD5

793eec4eb7a3b8baf42e81dd7f0ce920
SHA1

dd37598b4847e2fdbe4986443af24b58b43bf2d6
SHA256

07068d96e729b71a0854d276dc25e5487ea2be0716cee4ac5e05424bb6c3a6f7
SHA512

0b3613708a60e1384db5efe0a741986253ff1e1e1e46178920671c703cc5a9f2e272687cf9563e17e41b7868ee945d621f34e94fc2b8e9d7b2acfc88f4bb93a2
SSDEEP

384:gL7li/2zXq2DcEQvdQcJKLTp/NK9xaAy:+zMCQ9cAy

Score

7^/10

Malware Config

Targets

- Target
  
  virussign.com_793eec4eb7a3b8baf42e81dd7f0ce920.vir
- Size
  
  12KB
- MD5
  
  793eec4eb7a3b8baf42e81dd7f0ce920
- SHA1
  
  dd37598b4847e2fdbe4986443af24b58b43bf2d6
- SHA256
  
  07068d96e729b71a0854d276dc25e5487ea2be0716cee4ac5e05424bb6c3a6f7
- SHA512
  
  0b3613708a60e1384db5efe0a741986253ff1e1e1e46178920671c703cc5a9f2e272687cf9563e17e41b7868ee945d621f34e94fc2b8e9d7b2acfc88f4bb93a2
- SSDEEP
  
  384:gL7li/2zXq2DcEQvdQcJKLTp/NK9xaAy:+zMCQ9cAy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2