General

  • Target

    Revised orders #0427023.vbs

  • Size

    356KB

  • Sample

    231012-tyq3gsdf33

  • MD5

    63285d30ad5f668be67527ec6769bbd0

  • SHA1

    0ff62ee4448ba44ec1e533a675f1c87dd69be077

  • SHA256

    41bb5c0cc646087944c987764fd0a1b451ba18347ac681a0feb690aba29b32e5

  • SHA512

    3f44c6101829eb1437d40ba282376ac5ebff58731caada1a9089e459bf27f862346979725e050f4a4bb9400e677b6ae553619df5d9d2a7b8882cca1e95727e97

  • SSDEEP

    6144:7nDNa39lLUUxHUUd05brxi0wOLF5t0sRv11rUUUUOhCfktA5RMZGByJ:3Na39lLUUxHUUd05brxi0wOLF5t0sRvQ

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
ps1.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

exe.dropper

https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

Targets

    • Target

      Revised orders #0427023.vbs

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
