d7591cff1a0c0e915efc2968a12fe55cf701c9c9d32b0af77d4e27e9b5c41bd5 | Triage

Sharing

General

Target

d7591cff1a0c0e915efc2968a12fe55cf701c9c9d32b0af77d4e27e9b5c41bd5.vbs
Size

435KB
Sample

221019-ve5bfagef9
MD5

0de900a58b527ce0f6ab2324266a69ea
SHA1

d92ecfc817b4044b3b937db8e7a091f311d0a44b
SHA256

d7591cff1a0c0e915efc2968a12fe55cf701c9c9d32b0af77d4e27e9b5c41bd5
SHA512

ee961030f1612e1fb2e2ff11e7a09548cf0476e432c965fc55e36da0ccf9368a2db65fe587a3036fa9a0185e92d6614f075b8b1371f6d62484fcc3a5a65dd85a
SSDEEP

6144:RyF1b85ASf0UJa5mYfmVJOqsdzh7Y52eowLnb/D80Hh7MjxGPES5W5:RynG246dfmJOqsdztYoAZlM5

Score

8^/10

Malware Config

Targets

- Target
  
  d7591cff1a0c0e915efc2968a12fe55cf701c9c9d32b0af77d4e27e9b5c41bd5.vbs
- Size
  
  435KB
- MD5
  
  0de900a58b527ce0f6ab2324266a69ea
- SHA1
  
  d92ecfc817b4044b3b937db8e7a091f311d0a44b
- SHA256
  
  d7591cff1a0c0e915efc2968a12fe55cf701c9c9d32b0af77d4e27e9b5c41bd5
- SHA512
  
  ee961030f1612e1fb2e2ff11e7a09548cf0476e432c965fc55e36da0ccf9368a2db65fe587a3036fa9a0185e92d6614f075b8b1371f6d62484fcc3a5a65dd85a
- SSDEEP
  
  6144:RyF1b85ASf0UJa5mYfmVJOqsdzh7Y52eowLnb/D80Hh7MjxGPES5W5:RynG246dfmJOqsdztYoAZlM5
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2