797d1e26627edc08b14115be88f873fb69209e857e3a6471ee0940b7edf4cf77 | Triage

Sharing

General

Target

s.vbs
Size

458B
Sample

231014-b3n5ksac8t
MD5

00e4ae64fe096d7698880cfa7dc7e2fe
SHA1

5afcc99faa626c33f5cbc58af3406e362d122a1f
SHA256

797d1e26627edc08b14115be88f873fb69209e857e3a6471ee0940b7edf4cf77
SHA512

4cfe8cd3a6cbd8296820633218640959baefb413da9549da69e245990a40c59e57a939707c01aef65840523550b8af59b4d4d3206e6a74f5e37cb3e9f4426b76

Score

8^/10

Malware Config

Targets

- Target
  
  s.vbs
- Size
  
  458B
- MD5
  
  00e4ae64fe096d7698880cfa7dc7e2fe
- SHA1
  
  5afcc99faa626c33f5cbc58af3406e362d122a1f
- SHA256
  
  797d1e26627edc08b14115be88f873fb69209e857e3a6471ee0940b7edf4cf77
- SHA512
  
  4cfe8cd3a6cbd8296820633218640959baefb413da9549da69e245990a40c59e57a939707c01aef65840523550b8af59b4d4d3206e6a74f5e37cb3e9f4426b76
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2