b3c4029ddbd2f994f8ef4bf7342f3ce9814e3185143e4e059d296f9afd499119 | Triage

Sharing

General

Target

b3c4029ddbd2f994f8ef4bf7342f3ce9814e3185143e4e059d296f9afd499119
Size

12KB
Sample

240607-gd82cabe48
MD5

61761a6fa4f356b695d52f997e1c6eb1
SHA1

a746decf7f36d9c74c76599fc3cf7b37277bf97d
SHA256

b3c4029ddbd2f994f8ef4bf7342f3ce9814e3185143e4e059d296f9afd499119
SHA512

67b96bc5e4612f8e9c127bf64afe06b3d3e2d3eeb34425fc9136713490be7d9d5ad2f2a9e87e1189d4566bc3e36266b42b3738abbcb110d0c0a752c7c55f2ef6
SSDEEP

384:nL7li/2zJq2DcEQvdhcJKLTp/NK9xaj5:LJM/Q9cj5

Score

7^/10

Malware Config

Targets

- Target
  
  b3c4029ddbd2f994f8ef4bf7342f3ce9814e3185143e4e059d296f9afd499119
- Size
  
  12KB
- MD5
  
  61761a6fa4f356b695d52f997e1c6eb1
- SHA1
  
  a746decf7f36d9c74c76599fc3cf7b37277bf97d
- SHA256
  
  b3c4029ddbd2f994f8ef4bf7342f3ce9814e3185143e4e059d296f9afd499119
- SHA512
  
  67b96bc5e4612f8e9c127bf64afe06b3d3e2d3eeb34425fc9136713490be7d9d5ad2f2a9e87e1189d4566bc3e36266b42b3738abbcb110d0c0a752c7c55f2ef6
- SSDEEP
  
  384:nL7li/2zJq2DcEQvdhcJKLTp/NK9xaj5:LJM/Q9cj5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2