eeb802aa132faf387bd18f64fb47c432e9d7f4e914515775b0879e9236383435 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

ass.vbs

windows7-x64

8

ass.vbs

windows10-2004-x64

8

Sharing

General

Target

ass.vbs
Size

1KB
Sample

240425-pe99ssae6t
MD5

6543b3ddab1447dd81d1f008f8895ac0
SHA1

835b051518de180705064745f87476b18004f540
SHA256

eeb802aa132faf387bd18f64fb47c432e9d7f4e914515775b0879e9236383435
SHA512

ac311ff6fea6a320207f4870577d73ac59585c005eae8db063c8d0c2effae681ae66c733061cf1a8dc672a6d948b3dd7ad5d682723294b12f3ebcf0ca0aa5bdd

Score

8^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

ass.vbs

Resource

win7-20240221-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ass.vbs

Resource

win10v2004-20240226-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ass.vbs
- Size
  
  1KB
- MD5
  
  6543b3ddab1447dd81d1f008f8895ac0
- SHA1
  
  835b051518de180705064745f87476b18004f540
- SHA256
  
  eeb802aa132faf387bd18f64fb47c432e9d7f4e914515775b0879e9236383435
- SHA512
  
  ac311ff6fea6a320207f4870577d73ac59585c005eae8db063c8d0c2effae681ae66c733061cf1a8dc672a6d948b3dd7ad5d682723294b12f3ebcf0ca0aa5bdd
Score

8^/10

evasion
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy