69e9a6be28ec6c7c609604a9e4c82414c4058e2b5ece7cdc3c5605029de74248 | Triage

Sharing

General

Target

69e9a6be28ec6c7c609604a9e4c82414c4058e2b5ece7cdc3c5605029de74248
Size

12KB
Sample

240607-asbk3aed31
MD5

8ab9b1e9df94436a1f1b4ffab326fbc4
SHA1

df6c481d09c93087fafab9e303c21242cb0b1a1e
SHA256

69e9a6be28ec6c7c609604a9e4c82414c4058e2b5ece7cdc3c5605029de74248
SHA512

d47f8ef31d2909004bab554be3f43a9e9631108f1284bd9502222770afc0e52abc2c1c3ec3a815de161f5e29c8e908ae4cacccd2b16730c12f79bfe2f004e61c
SSDEEP

384:UL7li/2z6q2DcEQvdhcJKLTp/NK9xadQ:CyM/Q9cdQ

Score

7^/10

Malware Config

Targets

- Target
  
  69e9a6be28ec6c7c609604a9e4c82414c4058e2b5ece7cdc3c5605029de74248
- Size
  
  12KB
- MD5
  
  8ab9b1e9df94436a1f1b4ffab326fbc4
- SHA1
  
  df6c481d09c93087fafab9e303c21242cb0b1a1e
- SHA256
  
  69e9a6be28ec6c7c609604a9e4c82414c4058e2b5ece7cdc3c5605029de74248
- SHA512
  
  d47f8ef31d2909004bab554be3f43a9e9631108f1284bd9502222770afc0e52abc2c1c3ec3a815de161f5e29c8e908ae4cacccd2b16730c12f79bfe2f004e61c
- SSDEEP
  
  384:UL7li/2z6q2DcEQvdhcJKLTp/NK9xadQ:CyM/Q9cdQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2