General
Target: smokeweed.vbs
Size: 3KB
Sample: 210226-6kehkyxxrj
MD5: 07b8be238ea7e4d28ab60dd6c485f663
SHA1: 73c2226a8592f0a729a837013d40e5b55ecb4415
SHA256: 78a881cbc86ce0458d8db0eae0c92a8e016537796ef3ab7928037f4a51d4ca2f
SHA512: 9d1bcf4a17c4b7986e2fec74f0d4ba020ea2e4933ff9cad19a639d87f0998a32439a227bcd55bf37d08886276a11ede28f06a60af12b6a368b5cdbd2544cf7a0
Static task: static1
Behavioral task: behavioral1
Sample: smokeweed.vbs
Resource: win7v20201028
Malware Config
Targets
Target: smokeweed.vbs
Blocklisted process makes network request

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext