Overview

overview

8

Static

static

1

vbc.exe

windows7-x64

8

vbc.exe

windows10-2004-x64

7

Resubmissions

06/03/2023, 06:36

230306-hc3zdaae2s 7

06/03/2023, 06:33

230306-hbmk1aba35 7

13/02/2023, 03:10

230213-dpafdaad97 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    vbc.exe

  • Size

    1.2MB

  • Sample

    230213-dpafdaad97

  • MD5

    9f80ff5c4d8509510d1d8cdef4eb3209

  • SHA1

    dfb89f61fa28f38faa839cfdf15330b1407449c5

  • SHA256

    9073ce0a4be6a6577b68949bae119ecc7c0449e4dcc906dd01845731dcef0792

  • SHA512

    5f9a1f543dd6d7c7dc873cf6740f084fb7040333d52cebb92c2f00ea322ede667e5e7dd38802747094290dee5a46b6f7aa9817c9c04d7cf5b650637ae863be6b

  • SSDEEP

    12288:cwVQOfWou9XRrIcQ5etzho8MKYan6ENu8avxnGQ5bAUW4zmLVGSh85nFRj/etuDZ:gj/mi3/N4cZYhjYXSeiiC

Score
8/10
spywarestealer

Malware Config

Targets

    • Target

      vbc.exe

    • Size

      1.2MB

    • MD5

      9f80ff5c4d8509510d1d8cdef4eb3209

    • SHA1

      dfb89f61fa28f38faa839cfdf15330b1407449c5

    • SHA256

      9073ce0a4be6a6577b68949bae119ecc7c0449e4dcc906dd01845731dcef0792

    • SHA512

      5f9a1f543dd6d7c7dc873cf6740f084fb7040333d52cebb92c2f00ea322ede667e5e7dd38802747094290dee5a46b6f7aa9817c9c04d7cf5b650637ae863be6b

    • SSDEEP

      12288:cwVQOfWou9XRrIcQ5etzho8MKYan6ENu8avxnGQ5bAUW4zmLVGSh85nFRj/etuDZ:gj/mi3/N4cZYhjYXSeiiC

    Score
    8/10
    spywarestealer

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks