General

  • Target

    nicko.vbs

  • Size

    181KB

  • Sample

    231012-qfb9tsbc9t

  • MD5

    f302addf3b4068888788d8edce8f52a0

  • SHA1

    315a84e64eef573402a49bb95975f53113378cd7

  • SHA256

    411ff6f1702fc4c00c095688a3e3e7bc2a495bea2b50debc326d76ed9dcfec20

  • SHA512

    926fc585f684c34f446d320d9279449b4a352948989306d3393022a520df3f2a5c85b7ff7b40522896a466b1539aa75bd419118bbdb1d12ae3bf06c480ce83f4

  • SSDEEP

    3072:HHLEIUXuwQzXWAf/F7TAinBoBsBsBsBsBsBZBsBsBsBsBsBIPxe633nylTP1P0B+:nLEIUXuwQzXWAXF7TAin2MMMMMPMMMMo

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

exe.dropper

https://uploaddeimagens.com.br/images/004/616/609/original/rump_vbs.jpg?1695408937

Targets

    • Target

      nicko.vbs

    Score
    10/10
    • Blocklisted process makes network request
