ed6ab364b383929cf7b4d2371e38cd4bf812262709a17b47a6faf07c101d9729 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed6ab364b383929cf7b4d2371e38cd4bf812262709a17b47a6faf07c101d9729
Size

12KB
Sample

240605-ft93xafa31
MD5

470a271349bcc090f183dbab7f949b99
SHA1

179eabb2e5c9b5690a277e62b2ac8469e4f8e5f3
SHA256

ed6ab364b383929cf7b4d2371e38cd4bf812262709a17b47a6faf07c101d9729
SHA512

ce5b82e749ad4d6fde550e29a5f26cca51a13be908cb8c71a9ac8bd56d0ec50b1263d05d75cbfe7e697d7d85767113973ca18eeccc9c3d83738d46d55cb49254
SSDEEP

384:IL7li/2zyq2DcEQvdQcJKLTp/NK9xadY:2qMCQ9cdY

Score

7^/10

Malware Config

Targets

- Target
  
  ed6ab364b383929cf7b4d2371e38cd4bf812262709a17b47a6faf07c101d9729
- Size
  
  12KB
- MD5
  
  470a271349bcc090f183dbab7f949b99
- SHA1
  
  179eabb2e5c9b5690a277e62b2ac8469e4f8e5f3
- SHA256
  
  ed6ab364b383929cf7b4d2371e38cd4bf812262709a17b47a6faf07c101d9729
- SHA512
  
  ce5b82e749ad4d6fde550e29a5f26cca51a13be908cb8c71a9ac8bd56d0ec50b1263d05d75cbfe7e697d7d85767113973ca18eeccc9c3d83738d46d55cb49254
- SSDEEP
  
  384:IL7li/2zyq2DcEQvdQcJKLTp/NK9xadY:2qMCQ9cdY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2