27249f62ea4fcc3e00faa8999cb65ab4eecb808d3fdb9b70c96d361f29f4898f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trial.vbs
Size

5KB
Sample

231123-pxc21shg54
MD5

86f97a397b59ac321307e270f09129bf
SHA1

f3e29823459f287de88b18bb1d89d0135c61a5f8
SHA256

27249f62ea4fcc3e00faa8999cb65ab4eecb808d3fdb9b70c96d361f29f4898f
SHA512

f4e3882201bdb9e7a59c060e9767b7b54558425b1e1b60e753502d770bc7a34edd73c77d75f12091e8f83f9a5f8d384ce37bdb7d133b2c6eef3f42d4831eae3c
SSDEEP

96:zGsBc83LVrRS4q0Xk+ZAdMfjKQglINqmvT7KxJwogDjJH4RSivezInTiRtslrOJ0:zGoc835ldscwSvTW7wo6JYRSirnTiaD

Score

8^/10

Malware Config

Targets

- Target
  
  Trial.vbs
- Size
  
  5KB
- MD5
  
  86f97a397b59ac321307e270f09129bf
- SHA1
  
  f3e29823459f287de88b18bb1d89d0135c61a5f8
- SHA256
  
  27249f62ea4fcc3e00faa8999cb65ab4eecb808d3fdb9b70c96d361f29f4898f
- SHA512
  
  f4e3882201bdb9e7a59c060e9767b7b54558425b1e1b60e753502d770bc7a34edd73c77d75f12091e8f83f9a5f8d384ce37bdb7d133b2c6eef3f42d4831eae3c
- SSDEEP
  
  96:zGsBc83LVrRS4q0Xk+ZAdMfjKQglINqmvT7KxJwogDjJH4RSivezInTiRtslrOJ0:zGoc835ldscwSvTW7wo6JYRSirnTiaD
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2