Overview

overview

6

Static

static

URLScan

urlscan

https://email.vbasof...

windows10_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://email.vbasoftware.com/e2t/tc/VW92pk33PCB5W51xzZ06-WW2SW5_BCzp4m176cN8XrLDZ5jmnJV3Zsc37CgH33N21-9w9wdsv6W3kTdwH3QThVqW1FFXFR4vrwCBW3kNYvx8bwkcfW8gH3Kg19VjWgW79q6xW2sj2cBVYkyfd8bCz6ZW8SdWpc11nWhjW93XbxT8BPgJsW34dJcK5lLlCvW1p7nDj293C_nW28cGPM1phf69W3YZR8r54nJdzW8dp9vQ6tcLGKW104-_Y7pgPsvW782lJ8923VjRW6zQPxq4SNpb2VsLdZv78CBXcW8FJC_f6n7Y1qW8jdv8k5Q6dS_W8Rpgzw5MYZTBW6SgtHv1FsZyRW8VNzmZ3J62mnW1VNRfL1Zkj-SW3HpsFr1Qslq4W5D2M4P19fSPQW11NcmK1KJBf4W5g3y9L2sDR3RW1RvBfy8yjwf1W8x3HpD3vdp50N5MGDzg3b-DfN8G6W-qsh7vkW8nknRY5nmf11W3pmvzW3zMSGk3lFz1

  • Sample

    210122-lsvk46q36n

Score
6/10
ransomware

Malware Config

Targets

    • Target

      https://email.vbasoftware.com/e2t/tc/VW92pk33PCB5W51xzZ06-WW2SW5_BCzp4m176cN8XrLDZ5jmnJV3Zsc37CgH33N21-9w9wdsv6W3kTdwH3QThVqW1FFXFR4vrwCBW3kNYvx8bwkcfW8gH3Kg19VjWgW79q6xW2sj2cBVYkyfd8bCz6ZW8SdWpc11nWhjW93XbxT8BPgJsW34dJcK5lLlCvW1p7nDj293C_nW28cGPM1phf69W3YZR8r54nJdzW8dp9vQ6tcLGKW104-_Y7pgPsvW782lJ8923VjRW6zQPxq4SNpb2VsLdZv78CBXcW8FJC_f6n7Y1qW8jdv8k5Q6dS_W8Rpgzw5MYZTBW6SgtHv1FsZyRW8VNzmZ3J62mnW1VNRfL1Zkj-SW3HpsFr1Qslq4W5D2M4P19fSPQW11NcmK1KJBf4W5g3y9L2sDR3RW1RvBfy8yjwf1W8x3HpD3vdp50N5MGDzg3b-DfN8G6W-qsh7vkW8nknRY5nmf11W3pmvzW3zMSGk3lFz1

    Score
    6/10
    ransomware

    • JavaScript code in executable

    • Program crash

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

      ransomware
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks