5d3cb91c7d784f67fdb5cf4275d96c36e4e331487e227d3682599856eb24c987 | Triage

Sharing

General

Target

5d3cb91c7d784f67fdb5cf4275d96c36e4e331487e227d3682599856eb24c987
Size

12KB
Sample

240609-amqg2abd88
MD5

ee9e7173cbacb0a1e820d2a96887fa2a
SHA1

70253a73f5f84eec8d0c69989864a275157a5dd7
SHA256

5d3cb91c7d784f67fdb5cf4275d96c36e4e331487e227d3682599856eb24c987
SHA512

8c5761d23978e9ec15e0c5e07b872187ed3ca3a371706d607fac7bd7ad9f0d3058f772e8dcad67e4662e68f61c1b607963d264ae6f851e00d24563ad0ecb73bf
SSDEEP

384:XL7li/2zjq2DcEQvdhcJKLTp/NK9xaO9:bfM/Q9cO9

Score

7^/10

Malware Config

Targets

- Target
  
  5d3cb91c7d784f67fdb5cf4275d96c36e4e331487e227d3682599856eb24c987
- Size
  
  12KB
- MD5
  
  ee9e7173cbacb0a1e820d2a96887fa2a
- SHA1
  
  70253a73f5f84eec8d0c69989864a275157a5dd7
- SHA256
  
  5d3cb91c7d784f67fdb5cf4275d96c36e4e331487e227d3682599856eb24c987
- SHA512
  
  8c5761d23978e9ec15e0c5e07b872187ed3ca3a371706d607fac7bd7ad9f0d3058f772e8dcad67e4662e68f61c1b607963d264ae6f851e00d24563ad0ecb73bf
- SSDEEP
  
  384:XL7li/2zjq2DcEQvdhcJKLTp/NK9xaO9:bfM/Q9cO9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2