0a01f01217c6fb8d9abcce7a33712e2f47ccd6d7d141d6cf7e87391f00d551c7 | Triage

Sharing

General

Target

JVC_41929.vbs
Size

4.7MB
Sample

200217-xav6qpnnfx
MD5

894f137dffcac1393e4599e49dabf92e
SHA1

dccf0dbf36e903df7ed599e29886e48b7dbd1a78
SHA256

0a01f01217c6fb8d9abcce7a33712e2f47ccd6d7d141d6cf7e87391f00d551c7
SHA512

969720515df7b09ba82d22187334ab38638db55e04a622ed309d795ad501c3f22523ab421b72e7065343016aa55e82624948dbb8974f82306ede1513f9362acb

Score

8^/10

evasion spyware trojan

Malware Config

Targets

- Target
  
  JVC_41929.vbs
- Size
  
  4.7MB
- MD5
  
  894f137dffcac1393e4599e49dabf92e
- SHA1
  
  dccf0dbf36e903df7ed599e29886e48b7dbd1a78
- SHA256
  
  0a01f01217c6fb8d9abcce7a33712e2f47ccd6d7d141d6cf7e87391f00d551c7
- SHA512
  
  969720515df7b09ba82d22187334ab38638db55e04a622ed309d795ad501c3f22523ab421b72e7065343016aa55e82624948dbb8974f82306ede1513f9362acb
Score

8^/10

evasion spyware trojan
- Blacklisted process makes network request
- Modifies system certificate store
  evasion spyware trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionspywaretrojan

behavioral2