General

  • Target

    24112023_1527_Document_protected245.img

  • Size

    548KB

  • Sample

    231124-h94l6sge67

  • MD5

    e5222b36fc54055990085060be46e32a

  • SHA1

    2bd566e306371e943cd0609cd076645432351138

  • SHA256

    bd90a06957f3a1da775997eb1f01a43a59bb32053e4369985cb21a1ce17bdc0a

  • SHA512

    90bed74c20a220ac065a0d930eaddacaaa2d6f121849abe3892bd96bfee50b814eade4024aef6cabf5eb73dd0545574c42bff00f60163ce7cfe809be7a3d4a30

  • SSDEEP

    384:VVyO1yQEZv+wN//bn7CGqWdoeZI0KA7mwoJKCUy:tw/N//bn7C7IQA7ToQy

Score
8/10

Targets

    • Target

      D0C1813.IMG.VBS

    • Size

      10KB

    • MD5

      b42523e0fe75c29b6bfe6e2d1c310e10

    • SHA1

      4e46f1e36862339aa6cfa6366e909e25a906144b

    • SHA256

      878602064b965c25e531014f51ad0653731f9c1ab19ab05c2b2619d9500e7241

    • SHA512

      d04ef1ea590ec002d6d4b6ad0230e79329f7b934e9b980e35828704fa2d469a5b8b136d7ac98b1e02c5ebd78dfe4af2df31aeebb980d396672d1c2658c222ec3

    • SSDEEP

      192:4+wN//gYnrFYHaos+m2NaWuHKthC/vNofZEhtZIAd9LGKKANFmwoJKKRI/rGEaS:4+wN//bn7CGqWdoeZI0KA7mwoJKCUyS

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
