518faf67cbc2c3afb4e957fa10936f221b667bcb43ce705701e1a2d19d2c6ace | Triage

Sharing

Copy URL Twitter E-mail

General

Target

518faf67cbc2c3afb4e957fa10936f221b667bcb43ce705701e1a2d19d2c6ace
Size

12KB
Sample

240610-n939asac3x
MD5

a10e2d623161b39dd98cb0070017bb31
SHA1

d8785bd6a62bfb950073f28528d6df7f5fe1c001
SHA256

518faf67cbc2c3afb4e957fa10936f221b667bcb43ce705701e1a2d19d2c6ace
SHA512

00299129f281490bcc740b826b447b781b7ce08267eb5cf0da0579259af70ddd1999ae8ec94955fc5e9b28c6784498a6767dd35a4e7c93298fa53ccdbf530336
SSDEEP

384:ML7li/2z2q2DcEQvdQcJKLTp/NK9xaGp:K+MCQ9cGp

Score

7^/10

Malware Config

Targets

- Target
  
  518faf67cbc2c3afb4e957fa10936f221b667bcb43ce705701e1a2d19d2c6ace
- Size
  
  12KB
- MD5
  
  a10e2d623161b39dd98cb0070017bb31
- SHA1
  
  d8785bd6a62bfb950073f28528d6df7f5fe1c001
- SHA256
  
  518faf67cbc2c3afb4e957fa10936f221b667bcb43ce705701e1a2d19d2c6ace
- SHA512
  
  00299129f281490bcc740b826b447b781b7ce08267eb5cf0da0579259af70ddd1999ae8ec94955fc5e9b28c6784498a6767dd35a4e7c93298fa53ccdbf530336
- SSDEEP
  
  384:ML7li/2z2q2DcEQvdQcJKLTp/NK9xaGp:K+MCQ9cGp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2