c1686e5f354a9445bf6ea2aed8ae2a1edf70797f6ba329d7d7fe1100bac0e9c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1686e5f354a9445bf6ea2aed8ae2a1edf70797f6ba329d7d7fe1100bac0e9c2
Size

12KB
Sample

240809-cd33waycke
MD5

370487c059ca4121883182b9013fdbe4
SHA1

3041faacb8cd97e60bd753f5e604070759881817
SHA256

c1686e5f354a9445bf6ea2aed8ae2a1edf70797f6ba329d7d7fe1100bac0e9c2
SHA512

9b42847be7f44b84514a9af9210df60ffac350423507637441eae1ffa60a156942803fd8e67a43a16d3556c940a29c061cba5bcfa9150065ff87a560200d6d1c
SSDEEP

384:oL7li/2zyq2DcEQvdfcJKLTp/NK9xaZn:WSMZQ9cZn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c1686e5f354a9445bf6ea2aed8ae2a1edf70797f6ba329d7d7fe1100bac0e9c2
- Size
  
  12KB
- MD5
  
  370487c059ca4121883182b9013fdbe4
- SHA1
  
  3041faacb8cd97e60bd753f5e604070759881817
- SHA256
  
  c1686e5f354a9445bf6ea2aed8ae2a1edf70797f6ba329d7d7fe1100bac0e9c2
- SHA512
  
  9b42847be7f44b84514a9af9210df60ffac350423507637441eae1ffa60a156942803fd8e67a43a16d3556c940a29c061cba5bcfa9150065ff87a560200d6d1c
- SSDEEP
  
  384:oL7li/2zyq2DcEQvdfcJKLTp/NK9xaZn:WSMZQ9cZn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2