1d948eb1740c380a4fe4796dae68e6230e06175ddfcd85c8fbf9af44ba5b81ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d948eb1740c380a4fe4796dae68e6230e06175ddfcd85c8fbf9af44ba5b81ff
Size

12KB
Sample

240603-x1lgkafe5s
MD5

0431b94a4ee825d9497b082d98e8729a
SHA1

13ae8c01775c21bce0eaae88322ce01b29119977
SHA256

1d948eb1740c380a4fe4796dae68e6230e06175ddfcd85c8fbf9af44ba5b81ff
SHA512

b64347903a3ad93b46878e6fc30cb799a97e5058c5ba069f2febe5963853a95abab77081c7df17023c3906ce7525c63bbf59be971b18adac17fd68c4afa54034
SSDEEP

384:0L7li/2zWq2DcEQvdhcJKLTp/NK9xab1:i2M/Q9cb1

Score

7^/10

Malware Config

Targets

- Target
  
  1d948eb1740c380a4fe4796dae68e6230e06175ddfcd85c8fbf9af44ba5b81ff
- Size
  
  12KB
- MD5
  
  0431b94a4ee825d9497b082d98e8729a
- SHA1
  
  13ae8c01775c21bce0eaae88322ce01b29119977
- SHA256
  
  1d948eb1740c380a4fe4796dae68e6230e06175ddfcd85c8fbf9af44ba5b81ff
- SHA512
  
  b64347903a3ad93b46878e6fc30cb799a97e5058c5ba069f2febe5963853a95abab77081c7df17023c3906ce7525c63bbf59be971b18adac17fd68c4afa54034
- SSDEEP
  
  384:0L7li/2zWq2DcEQvdhcJKLTp/NK9xab1:i2M/Q9cb1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2