6facbc807174db80e55f63163b7299bcc716636379f8f93f8eb0b8b46bc1df47 | Triage

Sharing

General

Target

file.vbs
Size

1KB
Sample

240420-tmp12sch2t
MD5

fa820db307a523c9d451f44b78eed692
SHA1

00062d3e15f0fbf635df14e49dbc51b1f549fd31
SHA256

6facbc807174db80e55f63163b7299bcc716636379f8f93f8eb0b8b46bc1df47
SHA512

abfb211c27febcb3760f0851205d3dffe982ae5414d5aabe68bb5cb4c6cc8829af77d18d5e77121b5100dc7fcf427ce5bb94b9d328d9c9171398ae3cdbdb223c

Score

7^/10

Malware Config

Targets

- Target
  
  file.vbs
- Size
  
  1KB
- MD5
  
  fa820db307a523c9d451f44b78eed692
- SHA1
  
  00062d3e15f0fbf635df14e49dbc51b1f549fd31
- SHA256
  
  6facbc807174db80e55f63163b7299bcc716636379f8f93f8eb0b8b46bc1df47
- SHA512
  
  abfb211c27febcb3760f0851205d3dffe982ae5414d5aabe68bb5cb4c6cc8829af77d18d5e77121b5100dc7fcf427ce5bb94b9d328d9c9171398ae3cdbdb223c
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2