0861e674cecf34ecebac49f6177b7a9f295e1a1cf8599ec139cb575009a6ced2 | Triage

Sharing

General

Target

0861e674cecf34ecebac49f6177b7a9f295e1a1cf8599ec139cb575009a6ced2
Size

12KB
Sample

240602-w4azkabg32
MD5

3facec8825e6bad731fad9270b1e4dca
SHA1

9c070f6924973dd780fafa428936c3bdce652fb8
SHA256

0861e674cecf34ecebac49f6177b7a9f295e1a1cf8599ec139cb575009a6ced2
SHA512

2c1f0062c9738f875a834cd322899f56ffa268e0bfc1fb76cba134a7ecff14e670e3127d1a35ca622a653fff0d93603dc733b3c4859ef768edaba5b44752343f
SSDEEP

384:NL7li/2zgq2DcEQvdhcJKLTp/NK9xamF:dEM/Q9cmF

Score

7^/10

Malware Config

Targets

- Target
  
  0861e674cecf34ecebac49f6177b7a9f295e1a1cf8599ec139cb575009a6ced2
- Size
  
  12KB
- MD5
  
  3facec8825e6bad731fad9270b1e4dca
- SHA1
  
  9c070f6924973dd780fafa428936c3bdce652fb8
- SHA256
  
  0861e674cecf34ecebac49f6177b7a9f295e1a1cf8599ec139cb575009a6ced2
- SHA512
  
  2c1f0062c9738f875a834cd322899f56ffa268e0bfc1fb76cba134a7ecff14e670e3127d1a35ca622a653fff0d93603dc733b3c4859ef768edaba5b44752343f
- SSDEEP
  
  384:NL7li/2zgq2DcEQvdhcJKLTp/NK9xamF:dEM/Q9cmF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2