59704f1dd21eb469bca6eddc2b1b6206e121595cf9246746e1e7d304adbe595c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bullvalene.vbs
Size

1KB
Sample

240501-q28j6agb6x
MD5

22f28daea92ef68e7defb71f603e0a31
SHA1

9c84aa3873bab82b851ddf8e2b374b01b314acb2
SHA256

59704f1dd21eb469bca6eddc2b1b6206e121595cf9246746e1e7d304adbe595c
SHA512

de64c216f08cc2417ab6726c499f3fa0039095ee5a31ef034f4849eb66820094d202df5eff8b0622d839a065cc475b149d2fc3daa2bbbc8912b84c9b8dd6d3c5

Score

8^/10

ransomware

Malware Config

Targets

- Target
  
  Bullvalene.vbs
- Size
  
  1KB
- MD5
  
  22f28daea92ef68e7defb71f603e0a31
- SHA1
  
  9c84aa3873bab82b851ddf8e2b374b01b314acb2
- SHA256
  
  59704f1dd21eb469bca6eddc2b1b6206e121595cf9246746e1e7d304adbe595c
- SHA512
  
  de64c216f08cc2417ab6726c499f3fa0039095ee5a31ef034f4849eb66820094d202df5eff8b0622d839a065cc475b149d2fc3daa2bbbc8912b84c9b8dd6d3c5
Score

8^/10

ransomware
- Blocklisted process makes network request
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2