e9675f6fb29fb940c53a668fffd95c68bc7173550dbe9389ebe94f966eef4b07 | Triage

Sharing

General

Target

e9675f6fb29fb940c53a668fffd95c68bc7173550dbe9389ebe94f966eef4b07
Size

12KB
Sample

240604-e8sxhadc7z
MD5

8a7c1e1475cad00573cf203438118820
SHA1

d67f8134e11d5e047be230004e3f25b6aa3c2315
SHA256

e9675f6fb29fb940c53a668fffd95c68bc7173550dbe9389ebe94f966eef4b07
SHA512

c11802723730a9942c7e713ba678404c568f0f63e19adee312b37758388590f19732e4dbb68d239b30717dd7fb3ebc06a1ddea17b6d917e7a4ab584b4cf1221a
SSDEEP

384:+L7li/2z3q2DcEQvdQcJKLTp/NK9xaYy:oLMCQ9cYy

Score

7^/10

Malware Config

Targets

- Target
  
  e9675f6fb29fb940c53a668fffd95c68bc7173550dbe9389ebe94f966eef4b07
- Size
  
  12KB
- MD5
  
  8a7c1e1475cad00573cf203438118820
- SHA1
  
  d67f8134e11d5e047be230004e3f25b6aa3c2315
- SHA256
  
  e9675f6fb29fb940c53a668fffd95c68bc7173550dbe9389ebe94f966eef4b07
- SHA512
  
  c11802723730a9942c7e713ba678404c568f0f63e19adee312b37758388590f19732e4dbb68d239b30717dd7fb3ebc06a1ddea17b6d917e7a4ab584b4cf1221a
- SSDEEP
  
  384:+L7li/2z3q2DcEQvdQcJKLTp/NK9xaYy:oLMCQ9cYy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2