General
-
Target
2nd-stage.vbs
-
Size
1KB
-
Sample
200213-r1nwjgkwea
-
MD5
1164fa998ddecff39246b197f06ca363
-
SHA1
6cf6a11e185b0dc2b74994f9a09856dfd8107d77
-
SHA256
0c25276d58a251c42e1a4fa8f2416af88b09b248a9b99dbf039670e2a288a803
-
SHA512
95c1c49f57e53894933ac887c4b76b978f74bb9d23e0f14598031cf364ae785537cf85119e4088202f02e5671ec60213db9b51a8a388a87fc1a810fe99825256
Static task
static1
Behavioral task
behavioral1
Sample
2nd-stage.vbs
Resource
win7v191014
Malware Config
Extracted
https://pastebin.com/raw/NRWPsuFT
Extracted
https://pastebin.com/raw/W4nmEPn5
Targets
-
-
Target
2nd-stage.vbs
-
Size
1KB
-
MD5
1164fa998ddecff39246b197f06ca363
-
SHA1
6cf6a11e185b0dc2b74994f9a09856dfd8107d77
-
SHA256
0c25276d58a251c42e1a4fa8f2416af88b09b248a9b99dbf039670e2a288a803
-
SHA512
95c1c49f57e53894933ac887c4b76b978f74bb9d23e0f14598031cf364ae785537cf85119e4088202f02e5671ec60213db9b51a8a388a87fc1a810fe99825256
Score10/10-
Blacklisted process makes network request
-
Adds Run entry to start application
-