2bff6117c34fe9227f1e18a76646b9369d8dab469e7f440e7438cdc229bab264 | Triage

Sharing

General

Target

Inv#_2E0688.lzh
Size

6KB
Sample

240604-pyqphagc7w
MD5

5afc27374cb4b49d9120e9e91010c3cd
SHA1

21c3d4f468db3ef00e428c98e0fa5ca99f9c3889
SHA256

2bff6117c34fe9227f1e18a76646b9369d8dab469e7f440e7438cdc229bab264
SHA512

bc07ae688bc2ac2c478ae837a7a9183439abad73649309cb4d004c6f6b74cbdb9b91883dd3d4d68cb434deadf92a292e2f20a45bae3d9fa2308958e07f372643
SSDEEP

192:gY3UyUyGDo2YQbjXAkTYDgE5jLgT0zVcxX7:gY3UyxSYUXAkiP5HAeSL

Score

8^/10

Malware Config

Targets

- Target
  
  Inv#_2E0688.vbs
- Size
  
  14KB
- MD5
  
  8bae164fec49a354fc8367b53b27fcd5
- SHA1
  
  4a7b25b3853e1cb200f4e217e718c691eb2075b8
- SHA256
  
  1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799
- SHA512
  
  102b1b8e8f29b899d38e2fec67228fa8078bb8b82e5982f0d5ae785a5ead464de0cc17bf5484f9238f3aa93778a02d800e9c730eb25035f5a6a71be2bb283665
- SSDEEP
  
  192:uD3gOhEMOYt4wVTUpAnS+AQ4in8GiY6IdVqqJCIgCivAajbQQRpoAUdUQ4X/X:uDw0tz5UXzQPn8PUVqU6CSNPQO35X
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2