d2e2e8fcae28c5b314e1866fd16818a3dae0dc52fa2728187697e14293937642 | Triage

Sharing

General

Target

d2e2e8fcae28c5b314e1866fd16818a3dae0dc52fa2728187697e14293937642
Size

12KB
Sample

240605-ebb8gseb74
MD5

a05fe512d7dd4a78269ac0794579d268
SHA1

88fc4d464c5260f01ecaa8ab2f52b63d008fd806
SHA256

d2e2e8fcae28c5b314e1866fd16818a3dae0dc52fa2728187697e14293937642
SHA512

c3c1f40dad28e734dc114668d190a8a75c6c25969a3975edff13d872643813c5bff05f0aaef05599828a592c4a2c4bb7396e0e02fe5f13f6c53440edbf09f99a
SSDEEP

384:jL7li/2zwq2DcEQvdhcJKLTp/NK9xad+:nMM/Q9cd+

Score

7^/10

Malware Config

Targets

- Target
  
  d2e2e8fcae28c5b314e1866fd16818a3dae0dc52fa2728187697e14293937642
- Size
  
  12KB
- MD5
  
  a05fe512d7dd4a78269ac0794579d268
- SHA1
  
  88fc4d464c5260f01ecaa8ab2f52b63d008fd806
- SHA256
  
  d2e2e8fcae28c5b314e1866fd16818a3dae0dc52fa2728187697e14293937642
- SHA512
  
  c3c1f40dad28e734dc114668d190a8a75c6c25969a3975edff13d872643813c5bff05f0aaef05599828a592c4a2c4bb7396e0e02fe5f13f6c53440edbf09f99a
- SSDEEP
  
  384:jL7li/2zwq2DcEQvdhcJKLTp/NK9xad+:nMM/Q9cd+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2