4833597953e891095e315e736d7e219dfbe73b6dd57e7b5d2b3fb3ff79cf2380 | Triage

Sharing

General

Target

4833597953e891095e315e736d7e219dfbe73b6dd57e7b5d2b3fb3ff79cf2380
Size

12KB
Sample

240629-zp78aswcqb
MD5

5c9b366cc7e7be89c42a11e73a6830dd
SHA1

13d3b1f2feead25033b64bcbaba2fbb7c0f1a356
SHA256

4833597953e891095e315e736d7e219dfbe73b6dd57e7b5d2b3fb3ff79cf2380
SHA512

6e49016adefdde07c76b8151aa2cbd309db53827a244fd8142cfd5d163d28709007f480da1a6ce66ce126582dd1fe6c78643d9873766ede1e3ee9da55718cfa0
SSDEEP

384:qL7li/2zCq2DcEQvdhcJKLTp/NK9xaCv:06M/Q9cCv

Score

7^/10

Malware Config

Targets

- Target
  
  4833597953e891095e315e736d7e219dfbe73b6dd57e7b5d2b3fb3ff79cf2380
- Size
  
  12KB
- MD5
  
  5c9b366cc7e7be89c42a11e73a6830dd
- SHA1
  
  13d3b1f2feead25033b64bcbaba2fbb7c0f1a356
- SHA256
  
  4833597953e891095e315e736d7e219dfbe73b6dd57e7b5d2b3fb3ff79cf2380
- SHA512
  
  6e49016adefdde07c76b8151aa2cbd309db53827a244fd8142cfd5d163d28709007f480da1a6ce66ce126582dd1fe6c78643d9873766ede1e3ee9da55718cfa0
- SSDEEP
  
  384:qL7li/2zCq2DcEQvdhcJKLTp/NK9xaCv:06M/Q9cCv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2