General
-
Target
PO7675JH647R-7458003.vbs
-
Size
339KB
-
Sample
221221-p2x8rafd8s
-
MD5
6af7dfbc2f5a867f11b8adff1150b5ba
-
SHA1
8e1d49a3856c57da40973102a96b892a31dee7f6
-
SHA256
f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e
-
SHA512
cd4ea26ffc7b60baf9d92ac64f02babec4a2d93a0bdb4d8d81d95888d83bb5183a8ba8e953fc5f3f264dbec4f239d4f4023825886be022503a6cfebc861ce1c7
-
SSDEEP
6144:dACvjkhn6pTmKLnbMhZYAEwISL7+qhMRRGdIf5fjeIdnB:dAC+n8SKLnEyc7+sMkoB
Static task
static1
Behavioral task
behavioral1
Sample
PO7675JH647R-7458003.vbs
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
PO7675JH647R-7458003.vbs
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
PO7675JH647R-7458003.vbs
-
Size
339KB
-
MD5
6af7dfbc2f5a867f11b8adff1150b5ba
-
SHA1
8e1d49a3856c57da40973102a96b892a31dee7f6
-
SHA256
f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e
-
SHA512
cd4ea26ffc7b60baf9d92ac64f02babec4a2d93a0bdb4d8d81d95888d83bb5183a8ba8e953fc5f3f264dbec4f239d4f4023825886be022503a6cfebc861ce1c7
-
SSDEEP
6144:dACvjkhn6pTmKLnbMhZYAEwISL7+qhMRRGdIf5fjeIdnB:dAC+n8SKLnEyc7+sMkoB
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-