General

  • Target

    facturas y datos bancarios.vbs

  • Size

    4KB

  • Sample

    240113-ga56aachfn

  • MD5

    459d63c87281a7c35bd3fb015d41c155

  • SHA1

    14d20f30b220aa969573953606ddcd3392d3bfe2

  • SHA256

    0215fb5ca62cce5debc7bb6720ef089b075aa4167632ae21f9a1df42636b880c

  • SHA512

    ed0e3cb0430a7b2538da3aaa77cfbeeb17d32f5cf625c6eb33177409dd7754ae79ebf955ecdea23bc8ab3e4493dce5bdf7abbcd1bb69c723c93a1d63b3c2a1c7

  • SSDEEP

    96:SDv8vBDqazRdWDkXrV+DVfFf8f7RIT9r17T9rN9rz9rdf9rB:0uxda5tUD+T9x7T9R9f95f9l

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (Deobfuscated)

  • URLs (ps1.dropper)

    https://firebasestorage.googleapis.com/v0/b/truk-droid.appspot.com/o/Droid%2BTurk.txt?alt=media&token=9399305d-e471-4325-b9cf-905c0718f95e

Targets

    • Target

      facturas y datos bancarios.vbs

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
