781491c28cb3abb1252c9ea8290bdf0a0d33b3a30a30a1822dd4b2c0e5397d7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

781491c28cb3abb1252c9ea8290bdf0a0d33b3a30a30a1822dd4b2c0e5397d7f
Size

12KB
Sample

240607-bw94gafc5v
MD5

d3aa7dd775bfae52e1534e44bcbba566
SHA1

b9efe441cbcac8708c117d824211a6c7be0283b5
SHA256

781491c28cb3abb1252c9ea8290bdf0a0d33b3a30a30a1822dd4b2c0e5397d7f
SHA512

55ec057d0346a606a28ac863a06d4d4a06cb892b1e613ffce490f88eddd9966d0253e1f96b1f4b2b68110954b827523744efbf90bc6bc37924a3170101ca92c3
SSDEEP

384:hL7li/2zPq2DcEQvdhcJKLTp/NK9xaxz:B7M/Q9cxz

Score

7^/10

Malware Config

Targets

- Target
  
  781491c28cb3abb1252c9ea8290bdf0a0d33b3a30a30a1822dd4b2c0e5397d7f
- Size
  
  12KB
- MD5
  
  d3aa7dd775bfae52e1534e44bcbba566
- SHA1
  
  b9efe441cbcac8708c117d824211a6c7be0283b5
- SHA256
  
  781491c28cb3abb1252c9ea8290bdf0a0d33b3a30a30a1822dd4b2c0e5397d7f
- SHA512
  
  55ec057d0346a606a28ac863a06d4d4a06cb892b1e613ffce490f88eddd9966d0253e1f96b1f4b2b68110954b827523744efbf90bc6bc37924a3170101ca92c3
- SSDEEP
  
  384:hL7li/2zPq2DcEQvdhcJKLTp/NK9xaxz:B7M/Q9cxz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2