23a4079e5d4e4c0c5a45c4761278378872f8e3fb869f1b530e89e89332970c90 | Triage

Sharing

General

Target

ass.vbs
Size

376B
Sample

240425-ndz7rsab67
MD5

aca361ce3da155352d936bdaab87653a
SHA1

ef094d2b2517d072256138945e716db4e8182512
SHA256

23a4079e5d4e4c0c5a45c4761278378872f8e3fb869f1b530e89e89332970c90
SHA512

19f8986666b1703c531cd4fc7f2f8c15d3faadd6b2ef59897cea13e03fff10412044e2fcb6dc796aad969f31ae539f54e695b8473888b976e796680557d09ca4

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  ass.vbs
- Size
  
  376B
- MD5
  
  aca361ce3da155352d936bdaab87653a
- SHA1
  
  ef094d2b2517d072256138945e716db4e8182512
- SHA256
  
  23a4079e5d4e4c0c5a45c4761278378872f8e3fb869f1b530e89e89332970c90
- SHA512
  
  19f8986666b1703c531cd4fc7f2f8c15d3faadd6b2ef59897cea13e03fff10412044e2fcb6dc796aad969f31ae539f54e695b8473888b976e796680557d09ca4
Score

8^/10

evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2