General
-
Target
RAMN2.vbs
-
Size
223KB
-
Sample
220312-kpbrrsdfdl
-
MD5
2b4d47e402af16e0094eec1e8fbeaf98
-
SHA1
40fdfbe617e8d6492712ed7c1bdefaecdb79fb30
-
SHA256
bdde1e74ef46863692bd6975af9203dffa21931c60dc29f01f3cf69f2093e35a
-
SHA512
7a8252eed1c0b0089fc56061d70149f5ed12992ea8d0f817d984cbfc3ad31c378f44eba1da833b9313b3757b3a7920a0dd7e9d7c427f528f8a11c1e9d1e5c162
Static task
static1
Behavioral task
behavioral1
Sample
RAMN2.vbs
Resource
win7-20220310-en
Malware Config
Targets
-
-
Target
RAMN2.vbs
-
Size
223KB
-
MD5
2b4d47e402af16e0094eec1e8fbeaf98
-
SHA1
40fdfbe617e8d6492712ed7c1bdefaecdb79fb30
-
SHA256
bdde1e74ef46863692bd6975af9203dffa21931c60dc29f01f3cf69f2093e35a
-
SHA512
7a8252eed1c0b0089fc56061d70149f5ed12992ea8d0f817d984cbfc3ad31c378f44eba1da833b9313b3757b3a7920a0dd7e9d7c427f528f8a11c1e9d1e5c162
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-