General
Target: 39f598054d0d5f0f7f09669c029cb7cf6a0611e218553120d68cfeb69ec22642.zip
Size: 6KB
Sample: 240323-cmkmwscb49
MD5: 480aee6e6dc6f3a1b62a8e43cfe0e28b
SHA1: d91014fe360d44e12de106b872b3e14d632e3c2e
SHA256: 39f598054d0d5f0f7f09669c029cb7cf6a0611e218553120d68cfeb69ec22642
SHA512: df9874ae1e6fc9ffea4ea011102417fce442335add54b3f7d6df0380c4186999f2bdf81770221736661fcdbfda0ab9f2838a9e5e583214795932f9fb78c9391d
SSDEEP: 96:Q25ENmusjYT5nYO/K1KdvQswcd3H5G0fT4M3zXSMjhvccKCYOiFkxsTri7lsjgrJ:Q2WrKYJowv3H5G0fT/xO/nkmTehrJlh
Static task: static1
Behavioral task: behavioral1
Sample: awb_shipping_documents_22_03_2024_000000000.vbs
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: awb_shipping_documents_22_03_2024_000000000.vbs
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: awb_shipping_documents_22_03_2024_000000000.vbs.vbs
Size: 11KB
MD5: 6646a9bb09a2b4728226279754b6dafe
SHA1: d3a0ce176ab0318ee04af196c94c4651c45669aa
SHA256: c8516d6d8b755bebd51020602814ee36f447cf379f7e0ac0be3f576f573ada37
SHA512: 98c92b70a97659ecdc0f032582e8515b40f0841a1ea83918639e3f6ad6a3f014b938aa958eeea968b795945e40bc21e2ea2d371d1fef72d8b02af3747d19a7c8
SSDEEP: 192:1NCDZe4/HFVEKNCLDyOjduQ1PrWZj5DagfFWLJVgf/CNIY84aXn:2DZe4bKduoPAj5Vteg/CM4aXn
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext