General
-
Target
見積依頼先_(OU)_OSAKA-2024100044-05JP·pdf.zip
-
Size
72KB
-
Sample
240325-jcv47saf79
-
MD5
294f6ab446b282176aa35550e0ff0819
-
SHA1
f0726215c4db47c14f100b16d3e97f79e0f0af6a
-
SHA256
903ab5d44a560508bd22ad1dd43fb10e603f1cdc7478dbec70f58c772294f56c
-
SHA512
efebd36f18658c82a7da26001c7299957e45bfed8fde14c988a0480c6da315d6c4ac90fecc33d13e7a593c2001a1035c192d59a2c78615f16b5689a37a6b2410
-
SSDEEP
1536:vvPoG2ZaHY4GqLWkLjrbHVgxExMKcDF26vhX3S0NKqjdB5mTeQE1sNCC3LNg:vHoG/HZxL1nrRCov8zvhXi0vhB5m6s3O
Static task
static1
Behavioral task
behavioral1
Sample
見積依頼先_(OU)_OSAKA-2024100044-05JP·pdf.vbs
Resource
win10v2004-20240226-ja
Malware Config
Targets
-
-
Target
見積依頼先_(OU)_OSAKA-2024100044-05JP·pdf.vbs
-
Size
181KB
-
MD5
5abfcbce1f90501808379e179feb51c8
-
SHA1
e305ee8202f579517fe0634e22346584aaf4c148
-
SHA256
7698fb4c720a5c5810a8b80ae25ef1e6f5185e49cb151ef21937f0788276354e
-
SHA512
616becc5031d7b1d3e0b08b86a7a90b8a354a2357fe0fafe6e0e16c094eadfea2362452e32169b32f322b2c06e11c79b6220a40c8bd46be7dde21d086c7c2a5b
-
SSDEEP
3072:XPvtrVR7t/zhP5AbvMZoxnRcRKKh14t8EIuvQcVi1l8ok/1fyLbvj/3s0oV++hyC:/vdVR7tLhxAbvMZoxnRcsK3M8EIOQcVJ
Score8/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-