General

  • Target

    IZN.vbs

  • Size

    457KB

  • Sample

    231012-nvmm1aab92

  • MD5

    4e0e9e0f395f03b895507b8e19e2db3d

  • SHA1

    3d1b86fb4fc5941b1f42184537305c076ff55da7

  • SHA256

    67d9093f3ec465f67fe8e49d5741a5e10b62860d68ed8275c30b73e5c20dda76

  • SHA512

    a607686298f50e9d09415fa90742064a5fc0277ebb759f5f4ef63e1949f8aafb7deaaed5a71c4b111fc6c319ad93751454647de3cbbeb346c20370302e6fe2a8

  • SSDEEP

    3072:IB3B3BkKqKqKqKqKqKxoFT/laToJNlhB9B4tBxBfHVBoBsdsuyGBbPtKqKqKqKq7:KywPs2uvGhgrbKFqm359UMl

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

exe.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

    • Target

      IZN.vbs

    • Size

      457KB

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
