156414d5db138d063f8bad62a8c87a78619599a8ab1bf3cd6ecadc7ccd0d82c6 | Triage

Sharing

General

Target

156414d5db138d063f8bad62a8c87a78619599a8ab1bf3cd6ecadc7ccd0d82c6
Size

12KB
Sample

240603-xnkz9sgd57
MD5

0f7455444721bf52547e4070f54b8445
SHA1

d7b7612e820d2c48b86bcc3527c2928357bf881e
SHA256

156414d5db138d063f8bad62a8c87a78619599a8ab1bf3cd6ecadc7ccd0d82c6
SHA512

da3283394e6eaeda375ca271f5b3b81822055e6bf2aa4737d87489f0af07efd368b33962b383e8134d3581ef868b9aa944a6d4e26a46a7609314c219f86ef366
SSDEEP

384:6L7li/2zfq2DcEQvdhcJKLTp/NK9xaW2r:krM/Q9c1r

Score

7^/10

Malware Config

Targets

- Target
  
  156414d5db138d063f8bad62a8c87a78619599a8ab1bf3cd6ecadc7ccd0d82c6
- Size
  
  12KB
- MD5
  
  0f7455444721bf52547e4070f54b8445
- SHA1
  
  d7b7612e820d2c48b86bcc3527c2928357bf881e
- SHA256
  
  156414d5db138d063f8bad62a8c87a78619599a8ab1bf3cd6ecadc7ccd0d82c6
- SHA512
  
  da3283394e6eaeda375ca271f5b3b81822055e6bf2aa4737d87489f0af07efd368b33962b383e8134d3581ef868b9aa944a6d4e26a46a7609314c219f86ef366
- SSDEEP
  
  384:6L7li/2zfq2DcEQvdhcJKLTp/NK9xaW2r:krM/Q9c1r
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2