General

  • Target

    c9c2ddc71cc9b025ea69178c8ad71b45

  • Size

    4KB

  • Sample

    240314-19e8paha3w

  • MD5

    c9c2ddc71cc9b025ea69178c8ad71b45

  • SHA1

    4858881f56c13dc76bba6710968c78167eaedda9

  • SHA256

    b9a9db62b43cfae12d92297da0b5f7e41ad3feabc4f23d07f46802754b96c1bf

  • SHA512

    34b4b9fe172b11bc721e97bf3f8c32c16be3ba56f660b642450dc7689cd4ec0a9d483411f71bfe0d3b4ab9d5aa9cb4123fe9ce00438234ac8544fa49d17d977c

  • SSDEEP

    96:+d+xbAutAbiPDUwmipzhp/wlFfKavSTDWHmRdSVyMO2za4/XW6x8c/fWOn/d:DbAutAbiPwApv/wTfKa+6HuQyOza4dfj

Score
8/10

Targets

    • Target

      c9c2ddc71cc9b025ea69178c8ad71b45

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
