a873a7d3b90c6f2d156e5026b72a5652d4893081cd188300141a95dc38cba56b | Triage

Sharing

General

Target

gatherNetworkInfo.vbs
Size

39KB
Sample

231116-j4shdsaa3t
MD5

2ae808cb0d9a667b0cf41ea74b3b9bac
SHA1

628b6b4bf3cc7f77578cf3ccfcc587dbf9ec7e07
SHA256

a873a7d3b90c6f2d156e5026b72a5652d4893081cd188300141a95dc38cba56b
SHA512

667e1d082658b36cf7d8cae68d6055a51599d7d411fd5615f1431e15a0d30f267f6447b575bebc034ac7e9b77a1b478c3718801f9848945140be4ee979bc8bff
SSDEEP

768:8IYHILRGUJX4mlrU5R/A+Tr/GsfpkgKo9kNxyJ4OORfWXyB22rQeWE5TloYL7TBY:8IYHILRGUJImlrc/A+3fpkgKo9kNxyJt

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  gatherNetworkInfo.vbs
- Size
  
  39KB
- MD5
  
  2ae808cb0d9a667b0cf41ea74b3b9bac
- SHA1
  
  628b6b4bf3cc7f77578cf3ccfcc587dbf9ec7e07
- SHA256
  
  a873a7d3b90c6f2d156e5026b72a5652d4893081cd188300141a95dc38cba56b
- SHA512
  
  667e1d082658b36cf7d8cae68d6055a51599d7d411fd5615f1431e15a0d30f267f6447b575bebc034ac7e9b77a1b478c3718801f9848945140be4ee979bc8bff
- SSDEEP
  
  768:8IYHILRGUJX4mlrU5R/A+Tr/GsfpkgKo9kNxyJ4OORfWXyB22rQeWE5TloYL7TBY:8IYHILRGUJImlrc/A+3fpkgKo9kNxyJt
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2