General
-
Target
FNBCWBQ93746.vbs
-
Size
746B
-
Sample
211023-ghe9tscbc3
-
MD5
6a2a1aaf8efc070333ed585ca4430005
-
SHA1
846ea1a7c2f4b9939c7e93fce804a37299b3087c
-
SHA256
5721f7ccd18493a91d2480764cb5c0f0daead0c45d43839751c9cc5fd0eca4fd
-
SHA512
f5735dedced9e1689b3a8b820a28f1b0a3aad22a364a3257913a0148efd0cf5e0d1f753b9c0999fef2046dfe660c3363e125d437b770b019a358cd66ca1dac7f
Static task
static1
Behavioral task
behavioral1
Sample
FNBCWBQ93746.vbs
Resource
win7-en-20211014
Malware Config
Extracted
https://thespringreviews.com/.Fainl.txt
Targets
-
-
Target
FNBCWBQ93746.vbs
-
Size
746B
-
MD5
6a2a1aaf8efc070333ed585ca4430005
-
SHA1
846ea1a7c2f4b9939c7e93fce804a37299b3087c
-
SHA256
5721f7ccd18493a91d2480764cb5c0f0daead0c45d43839751c9cc5fd0eca4fd
-
SHA512
f5735dedced9e1689b3a8b820a28f1b0a3aad22a364a3257913a0148efd0cf5e0d1f753b9c0999fef2046dfe660c3363e125d437b770b019a358cd66ca1dac7f
-
Async RAT payload
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-