General
Target: instalador_módulo.vbs
Size: 1KB
Sample: 230331-yj9nhach86
MD5: 54ebc210542740a1f1ab173c99026e7c
SHA1: 8071e29cae6f8f7956a7d1e681f8fe113b20a512
SHA256: daf78d8259450bab99d1b2bf2b2a20c44c49b33c4c100dbe334446f20d9e4319
SHA512: f2ed53bb4d8bc354366e2e59bd02e37191cfc3848a0525c656e9fe71703000bdd890769f55be49d7801290a165eca83dd93bb6e84c0c814a97300446de7c1a9c
Static task: static1
Behavioral task: behavioral1
  Sample: instalador_módulo.vbs
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: instalador_módulo.vbs
  Resource: win10v2004-20230221-en
Malware Config
Targets
Target: instalador_módulo.vbs
Score: 8/10
Blocklisted process makes network request
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL