d22ab4549b9f1a6ccdbb3371ab2e39b762ecfd34b1f9b022ae0ccc29b8709d2e | Triage

Sharing

General

Target

FL-674681.vbs.zip
Size

1KB
Sample

231013-dtmlhacc2v
MD5

6475344bdbd3b7b3009c640b1144b9c2
SHA1

2710e40bc647aea7e4f4e78574059ea058ecbda8
SHA256

d22ab4549b9f1a6ccdbb3371ab2e39b762ecfd34b1f9b022ae0ccc29b8709d2e
SHA512

faee66ee0055916ae4f0cf04662fda750e145b7f25403a6e691c1a7d2d5f7ad3ae81edf8f2f5d5b11541cc920248abc4110fe51bfeec95896756992d33da325d

Score

8^/10

Malware Config

Targets

- Target
  
  FL-674681.vbs
- Size
  
  3KB
- MD5
  
  cab106d7952a5c11aef886e3f6f692b3
- SHA1
  
  9e0e0fab2abb794571ea9bd6b57e5daca3908ff7
- SHA256
  
  f114827bc079cf5a923f7e3ad74ef399aedf0225d23ea7039a3dd68866664340
- SHA512
  
  6f1f0b79ac0d5b1c7cf339eede9c4c22c63d6673e83bff040827cb09d94083dbb86898442c474bdf713de2fdda98fac7c893ab7d520cd6c8edb0c1c7c1561993
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2