e1a422410895777443f2e36a3c12ce96f5325b3d3c5deb83128c095d706108fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1a422410895777443f2e36a3c12ce96f5325b3d3c5deb83128c095d706108fa
Size

12KB
Sample

240606-h9gseabc6y
MD5

a4008aecb4e9a193a845b630f1e94553
SHA1

a6f2007238faef17a71b531266256e0b41f594e6
SHA256

e1a422410895777443f2e36a3c12ce96f5325b3d3c5deb83128c095d706108fa
SHA512

0a882e08056993585963a71ec98ee6b7f2974e35c1dfa18293c758c0eefc49422557064792bfa8295ed41e1dd786705c1e62f59d166c7f33e9bfc42433549750
SSDEEP

384:gL7li/2zNq2DcEQvdhcJKLTp/NK9xaz6:+9M/Q9cz6

Score

7^/10

Malware Config

Targets

- Target
  
  e1a422410895777443f2e36a3c12ce96f5325b3d3c5deb83128c095d706108fa
- Size
  
  12KB
- MD5
  
  a4008aecb4e9a193a845b630f1e94553
- SHA1
  
  a6f2007238faef17a71b531266256e0b41f594e6
- SHA256
  
  e1a422410895777443f2e36a3c12ce96f5325b3d3c5deb83128c095d706108fa
- SHA512
  
  0a882e08056993585963a71ec98ee6b7f2974e35c1dfa18293c758c0eefc49422557064792bfa8295ed41e1dd786705c1e62f59d166c7f33e9bfc42433549750
- SSDEEP
  
  384:gL7li/2zNq2DcEQvdhcJKLTp/NK9xaz6:+9M/Q9cz6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2