Overview

overview

10

Static

static

vbc.exe

windows7_x64

7

vbc.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    05-07-2022 16:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vbc.exe

  • Size

    374KB

  • MD5

    24e89d07e1071f93c8f8e0a03eeb7b9a

  • SHA1

    981c5c627491a6952c14921289e7d60ba819f019

  • SHA256

    70c021052ad4b72188bf5d6c960e668524c7d538e9d30e4991269f7a5e79a566

  • SHA512

    84b617ab92a58122c5167a13c67fed43ac3e336e7dcd2d73370a2f54c8a903d047bffd5a97a4dc08f1460ba685db9fc4daafd7edadebc2430f77666d5c0afb2f

Score
7/10

Malware Config

Signatures

  • Uses the VBS compiler for execution 1 TTPs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\vbc.exe
    "C:\Users\Admin\AppData\Local\Temp\vbc.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1276

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1
T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1
T1064

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1276-54-0x0000000000CD0000-0x0000000000D34000-memory.dmp
    Filesize

    400KB

    Download
  • memory/1276-55-0x0000000076C01000-0x0000000076C03000-memory.dmp
    Filesize

    8KB

    Download