6edae4802f00f7339f786534c29bf22b1f9c0cd0920a88f884be66bf563a1c02 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

ass.vbs

windows7-x64

8

ass.vbs

windows10-2004-x64

Sharing

General

Target

ass.vbs
Size

1KB
Sample

240425-ng8nbaab6y
MD5

0971210e69a8fc2d1bfc3a2549226f99
SHA1

4f3ac74c56e81868e252c8e057fb88b0de039605
SHA256

6edae4802f00f7339f786534c29bf22b1f9c0cd0920a88f884be66bf563a1c02
SHA512

c4ca0e5772e9a2cee310f5b39b6b94b7a04656d7a7e344b275a26657e43a1b71a6c4ccff7c90d8128b5b767af16d590c7070a5d57fe9ac93c79ee0d9a5988ea2

Score

8^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

ass.vbs

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ass.vbs

Resource

win10v2004-20240412-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ass.vbs
- Size
  
  1KB
- MD5
  
  0971210e69a8fc2d1bfc3a2549226f99
- SHA1
  
  4f3ac74c56e81868e252c8e057fb88b0de039605
- SHA256
  
  6edae4802f00f7339f786534c29bf22b1f9c0cd0920a88f884be66bf563a1c02
- SHA512
  
  c4ca0e5772e9a2cee310f5b39b6b94b7a04656d7a7e344b275a26657e43a1b71a6c4ccff7c90d8128b5b767af16d590c7070a5d57fe9ac93c79ee0d9a5988ea2
Score

8^/10

evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy