Overview

overview

8

Static

static

vbs (3).vbs

windows7-x64

8

vbs (3).vbs

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vbs (3).vbs

  • Size

    888KB

  • Sample

    221202-csvp2shb9x

  • MD5

    7a3b1d9cf6ea0fb03959c6d3160aaa41

  • SHA1

    d964ca2c51a6b98b857ec1a11830b3d58d8964f2

  • SHA256

    bf65d6b5d594b9a65ee5cc7b9760432fea8abdd4278e61d74a5bdf921678b0b0

  • SHA512

    1973383acdc95e22b9d750d3a5084067a3f330f5ddb168a12ffd13e2464d00c3beae2cb8375fc8a4aac68cecc7a0eccd087b01ec22c649ebc9292fdebdd48063

  • SSDEEP

    12288:2YLY1birWYjdYmYD+lJ3YNDCDZstN9RglY2Y7tsYuxaYBIYa:bUAar1nbvILa

Score
8/10
persistence

Malware Config

Targets

    • Target

      vbs (3).vbs

    • Size

      888KB

    • MD5

      7a3b1d9cf6ea0fb03959c6d3160aaa41

    • SHA1

      d964ca2c51a6b98b857ec1a11830b3d58d8964f2

    • SHA256

      bf65d6b5d594b9a65ee5cc7b9760432fea8abdd4278e61d74a5bdf921678b0b0

    • SHA512

      1973383acdc95e22b9d750d3a5084067a3f330f5ddb168a12ffd13e2464d00c3beae2cb8375fc8a4aac68cecc7a0eccd087b01ec22c649ebc9292fdebdd48063

    • SSDEEP

      12288:2YLY1birWYjdYmYD+lJ3YNDCDZstN9RglY2Y7tsYuxaYBIYa:bUAar1nbvILa

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks