03bdedbb74a70905bb9d3e1517e86bd29efa230dd299f4133f9367d733771644 | Triage

Sharing

General

Target

fedex awb & invoice.vbs
Size

4KB
Sample

240406-janbkseb54
MD5

6266619b3f1cc5b948b5a2e65e4ad466
SHA1

9f29ba2696bbe74ff0288c959a19e029469ddedd
SHA256

03bdedbb74a70905bb9d3e1517e86bd29efa230dd299f4133f9367d733771644
SHA512

aaf5d32dc24b77405293652dba9072a20a79d3eb9dedfbc9951f49f01c62e863e8fe832b78e84f9a32ec472d8a6b796ee585a23cd6fc9103c9fa4479f0848e04
SSDEEP

96:hUQVuRxs7wOntVqbMTRo15wSiL6KMPUQVIg8fMwGZ2k7:hwRq0OnRo12pMPoUz2k7

Score

8^/10

Malware Config

Targets

- Target
  
  fedex awb & invoice.vbs
- Size
  
  4KB
- MD5
  
  6266619b3f1cc5b948b5a2e65e4ad466
- SHA1
  
  9f29ba2696bbe74ff0288c959a19e029469ddedd
- SHA256
  
  03bdedbb74a70905bb9d3e1517e86bd29efa230dd299f4133f9367d733771644
- SHA512
  
  aaf5d32dc24b77405293652dba9072a20a79d3eb9dedfbc9951f49f01c62e863e8fe832b78e84f9a32ec472d8a6b796ee585a23cd6fc9103c9fa4479f0848e04
- SSDEEP
  
  96:hUQVuRxs7wOntVqbMTRo15wSiL6KMPUQVIg8fMwGZ2k7:hwRq0OnRo12pMPoUz2k7
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2