Overview

overview

8

Static

static

1

ec9cc1940f...cf.vbs

windows7-x64

8

ec9cc1940f...cf.vbs

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75ec9f68a5b62705c115db5119a78134.bin

  • Size

    8KB

  • Sample

    240422-byzqhsdh9z

  • MD5

    3078fef08b4e7a70a316219c9f3f2f43

  • SHA1

    030c02cd3aaaf390ef8880ccabf4b9e0638cf15e

  • SHA256

    f4d46723d8153a91f6c43688a91b224659a34a8cf6f8cc2d07456cd31f670e78

  • SHA512

    d9b584b17b63ca82b95d50803d7315453dc7ec1648e9341d15dd79724d3efcf9565c40200e9c0db34a7c22df04c8d570ed8cffb6a07956881b07e0cee6bf0a09

  • SSDEEP

    192:7W3XTzgTcRsQl/rUImk/jMGeUuppAwl7rEvn8pb9MlF0YD34MQ3vQ:ynn/YImkrqppT3/TMYc39Q3vQ

Score
8/10

Malware Config

Targets

    • Target

      ec9cc1940fe395867f5bab06016920f7194d753ae8cfa331bea0a44ecc8ef7cf.vbs

    • Size

      27KB

    • MD5

      75ec9f68a5b62705c115db5119a78134

    • SHA1

      6209f948992fd18d4fc6fc6f89d9815369ac8931

    • SHA256

      ec9cc1940fe395867f5bab06016920f7194d753ae8cfa331bea0a44ecc8ef7cf

    • SHA512

      82a0d96640390b8ffdcecd34fc1ae1663c84a299448a5af02b24bf9b9e1fdd19954ceeeea555808a57fcdc452b2b6e598338f11bb0c7101b34934a8ec7bf1780

    • SSDEEP

      384:mrquVS33hr8nIsbSQVwooRmB7+shi14PdSkNk0dRL3K2fJ+QIHBR:mugSBrwIBQVwoI8dSMdBa2fGj

    Score
    8/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks