General
-
Target
INFORMACION DETALLADA BOLETA DE CITACION FISCALIA GENERAL DE LA NACION RADICADO#2023-6666958-996520-PDF (2).vbs
-
Size
585KB
-
Sample
230607-svq3mscb84
-
MD5
53e0e83caf70d19261f4083978938824
-
SHA1
1d466f06b727736440a5808b5963e51fa22d29f4
-
SHA256
b5ff070aa79546ee662377a44ea58f3b5d6f0c1e6a1498a983096b2b4790587e
-
SHA512
49a489d22a731885764ef7e71373fea7e3f4c0259c63bccd774ef2f587ee91341045612e34eea44e443b765dbdcf6994343c6f81a051f92e22b8e2de1b760444
-
SSDEEP
3072:dsG7wfkYFEhNe4VTdRnTT8w4TWq9TpoKlz/vPUjUJ2TZqs4gospW+og0S7wQzS1y:vwfkYFXsZqc
Static task
static1
Behavioral task
behavioral1
Sample
INFORMACION DETALLADA BOLETA DE CITACION FISCALIA GENERAL DE LA NACION RADICADO#2023-6666958-996520-PDF (2).vbs
Resource
win7-20230220-en
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
bogota2023.duckdns.org:1111
cd12ab51ee7e4972bb
-
reg_key
cd12ab51ee7e4972bb
-
splitter
@!#&^%$
Targets
-
-
Target
INFORMACION DETALLADA BOLETA DE CITACION FISCALIA GENERAL DE LA NACION RADICADO#2023-6666958-996520-PDF (2).vbs
-
Size
585KB
-
MD5
53e0e83caf70d19261f4083978938824
-
SHA1
1d466f06b727736440a5808b5963e51fa22d29f4
-
SHA256
b5ff070aa79546ee662377a44ea58f3b5d6f0c1e6a1498a983096b2b4790587e
-
SHA512
49a489d22a731885764ef7e71373fea7e3f4c0259c63bccd774ef2f587ee91341045612e34eea44e443b765dbdcf6994343c6f81a051f92e22b8e2de1b760444
-
SSDEEP
3072:dsG7wfkYFEhNe4VTdRnTT8w4TWq9TpoKlz/vPUjUJ2TZqs4gospW+og0S7wQzS1y:vwfkYFXsZqc
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-