Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
30-12-2023 21:57
General
-
Target
1dc9befdbaf304d02a97cc1ff17577f2.vbs
-
Size
5KB
-
MD5
1dc9befdbaf304d02a97cc1ff17577f2
-
SHA1
70aee4afd70cd3a71320e49fe9918d1458d2f3a5
-
SHA256
7086d5baffe115ef49202a356e12373ee87c5556cb0fe4df288e173a05c876aa
-
SHA512
1b1eb28c9ec693a8b913d51e00ddc608f5aca9b22d4db6006e85ebb8796a19ef111f34fe71afb0689ae1993dd82a8edaad9618dd9886ecefe8a28c14bc47475c
-
SSDEEP
96:vuAa7sZ7ZM7dXssvJXzLEa57z5Fz5+M+LQMQC2+6:GZo7ZM7dXpXEaVHgLiCq
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops autorun.inf file 1 TTPs 4 IoCs
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory 2 IoCs
-
Modifies Internet Explorer settings 1 TTPs 2 IoCs
Processes
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\1dc9befdbaf304d02a97cc1ff17577f2.vbs"1⤵
- Adds Run key to start application
- Drops autorun.inf file
- Drops file in System32 directory
- Modifies Internet Explorer settings
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5KB
MD51dc9befdbaf304d02a97cc1ff17577f2
SHA170aee4afd70cd3a71320e49fe9918d1458d2f3a5
SHA2567086d5baffe115ef49202a356e12373ee87c5556cb0fe4df288e173a05c876aa
SHA5121b1eb28c9ec693a8b913d51e00ddc608f5aca9b22d4db6006e85ebb8796a19ef111f34fe71afb0689ae1993dd82a8edaad9618dd9886ecefe8a28c14bc47475c
-
Filesize
102B
MD52fadfb6d4b105977c1c77ec1b4cb4e48
SHA168531caf99e05cd9710cf1c43d7fac3fadbcb017
SHA256ab503b01876258458c51a769d97be4a19cd399d3e8a27f46933a9799ef5d531f
SHA5124235c51ed1b53fccddb0f04e8744e565f5b97f1f1b6152fb122bc3c5d38a95c08c1f9f1456f14da28875a9852c2f674a54efc12bd5e9068050aefe64f3186c20