b5179dcf8c55b9131d102cf216dfacbcf78d2e3f773d2493ce9aaa84db1d6b7a | Triage

Sharing

General

Target

Bestellerinnerung-Rechnungsnummer2024-507315.wsf
Size

8KB
Sample

241014-x1fw3swamk
MD5

5247deb6930b445cd63f008cda63e6f9
SHA1

fa431cd45329897eea0d64475bc16a22f0bae896
SHA256

b5179dcf8c55b9131d102cf216dfacbcf78d2e3f773d2493ce9aaa84db1d6b7a
SHA512

cc71ec3bad16628cca7e63805415e9a5924203cd34fbb8ec23e88e68f4f994d209d1aa0b5ae45dbe6a92c0f5b6b7065d55ec696490cb3b4030545348ac7aecec
SSDEEP

192:A8RsImHVMItdYFuInCqNGIXFfHokbUjC5JjLPdMUep1fkqvzO:+mfC1AbUQjDdML1rvK

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  Bestellerinnerung-Rechnungsnummer2024-507315.wsf
- Size
  
  8KB
- MD5
  
  5247deb6930b445cd63f008cda63e6f9
- SHA1
  
  fa431cd45329897eea0d64475bc16a22f0bae896
- SHA256
  
  b5179dcf8c55b9131d102cf216dfacbcf78d2e3f773d2493ce9aaa84db1d6b7a
- SHA512
  
  cc71ec3bad16628cca7e63805415e9a5924203cd34fbb8ec23e88e68f4f994d209d1aa0b5ae45dbe6a92c0f5b6b7065d55ec696490cb3b4030545348ac7aecec
- SSDEEP
  
  192:A8RsImHVMItdYFuInCqNGIXFfHokbUjC5JjLPdMUep1fkqvzO:+mfC1AbUQjDdML1rvK
Score

8^/10

discovery
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2