9ea5faffb4a9c07869522c83bdd35d316e41e8548ecffe854e1fdff63d41fb0d | Triage

Sharing

General

Target

9ea5faffb4a9c07869522c83bdd35d316e41e8548ecffe854e1fdff63d41fb0d
Size

12KB
Sample

240609-gj718sfd43
MD5

82702ee71a59679913a42ab5bf8d2a63
SHA1

b66c54737a6269a42264b1b9325b0a1397a81392
SHA256

9ea5faffb4a9c07869522c83bdd35d316e41e8548ecffe854e1fdff63d41fb0d
SHA512

04aaf38cbe1053d775deea2de7c9dfeb0a40e70a4ef2be65b342af031a0f8bd1df412751e58028506dd4106240eb8fd549271d2276ebba202020b3111d471a53
SSDEEP

384:fL7li/2zmq2DcEQvdQcJKLTp/NK9xaHi:T+MCQ9cHi

Score

7^/10

Malware Config

Targets

- Target
  
  9ea5faffb4a9c07869522c83bdd35d316e41e8548ecffe854e1fdff63d41fb0d
- Size
  
  12KB
- MD5
  
  82702ee71a59679913a42ab5bf8d2a63
- SHA1
  
  b66c54737a6269a42264b1b9325b0a1397a81392
- SHA256
  
  9ea5faffb4a9c07869522c83bdd35d316e41e8548ecffe854e1fdff63d41fb0d
- SHA512
  
  04aaf38cbe1053d775deea2de7c9dfeb0a40e70a4ef2be65b342af031a0f8bd1df412751e58028506dd4106240eb8fd549271d2276ebba202020b3111d471a53
- SSDEEP
  
  384:fL7li/2zmq2DcEQvdQcJKLTp/NK9xaHi:T+MCQ9cHi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2