a41aa6ac96ed5cceaa4ad9badd1b0d49c34aeb0513081a768fd0f9da2c4f9432 | Triage

Sharing

General

Target

CD-67684745.vbs
Size

523KB
Sample

230801-mwpcjsfc78
MD5

1b6a773e7b41d72ac6ec9fe8a34f91d4
SHA1

248cc0ba18ae516fa2112d1251a78dcab62fd0e5
SHA256

a41aa6ac96ed5cceaa4ad9badd1b0d49c34aeb0513081a768fd0f9da2c4f9432
SHA512

4c2f06eadb995d8940d212d62df7e7f779bdb94d822b2b99204a8b06876a0adab680e2149c5fd4f63385d42c1a07d4627dfc2de3668da72d22170a0a7989583d
SSDEEP

3072:o/7pOARK31NBilu1hhFl9BRBBVphffwieDalwP6OPQhSG1r1qhAWGC4yd:DdphfYieDalwP6OPQ7BsGC4yd

Score

8^/10

Malware Config

Targets

- Target
  
  CD-67684745.vbs
- Size
  
  523KB
- MD5
  
  1b6a773e7b41d72ac6ec9fe8a34f91d4
- SHA1
  
  248cc0ba18ae516fa2112d1251a78dcab62fd0e5
- SHA256
  
  a41aa6ac96ed5cceaa4ad9badd1b0d49c34aeb0513081a768fd0f9da2c4f9432
- SHA512
  
  4c2f06eadb995d8940d212d62df7e7f779bdb94d822b2b99204a8b06876a0adab680e2149c5fd4f63385d42c1a07d4627dfc2de3668da72d22170a0a7989583d
- SSDEEP
  
  3072:o/7pOARK31NBilu1hhFl9BRBBVphffwieDalwP6OPQhSG1r1qhAWGC4yd:DdphfYieDalwP6OPQ7BsGC4yd
Score

8^/10
- Blocklisted process makes network request
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2