General

  • Target

    ConfirmingPagadas.vbs

  • Size

    336KB

  • Sample

    230130-se2jface3s

  • MD5

    79acd11b5a893879f66b942c0255551a

  • SHA1

    75381aca76a61771c8ddf87cb252d1cf937e4c7e

  • SHA256

    e5d6f178c8ec39b38a9442d916430df30ad8d92b758275d46771826c73da4ffb

  • SHA512

    3173052287d46b61c88047f7f42d383db64f806555fe50014fa9a3e50c9b925dfedc3db00acfa6dfdd743e483f26ce31b86d8e163206f38833a994ff5145184e

  • SSDEEP

    6144:34zwC+tkObBKZ07RzugITV4E0xMnYm2xoOhegBgjTnd0:3s+trtKZ07BdsZYlhhewGTn6

Score
10/10

Malware Config

Targets

    • Target

      ConfirmingPagadas.vbs

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry

    T1012 (1)

  • System Information Discovery

    T1082 (2)

Tasks