General
-
Target
FQ45.vbs
-
Size
996B
-
Sample
210408-7xfvk1xtr2
-
MD5
7c5cdd80461494fe18eae20726676f01
-
SHA1
9d4ba6a01448c36043854f6a13a5922480c6a26f
-
SHA256
e5ddae23eb8d248fb190371808ab28d20485a16f2eb0fc238a1fb812f3c52c91
-
SHA512
9c54062fd3cc99467613562bac1dc29b477492c3ce8b07a1c289c1c4099a036ddcd00c5a0992244d17afda0ee9cb4d308a022c7d4993e64423a46470af64e93c
Static task
static1
Behavioral task
behavioral1
Sample
FQ45.vbs
Resource
win7v20201028
Behavioral task
behavioral2
Sample
FQ45.vbs
Resource
win10v20201028
Malware Config
Targets
-
-
Target
FQ45.vbs
-
Score
8/10
-
Blocklisted process makes network request
-
Drops startup file
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-