General

  • Target

    94d2c18a5f1d846491e090c48e50d734a6b6cb86fe687422777818211bc6012a.vbs

  • Size

    37KB

  • Sample

    240502-b6xk5aff99

  • MD5

    bfc0272eb83ec6f3957900b6e01a0a4c

  • SHA1

    2972b88e3824832ea01e1a9c0c8b900df68303dc

  • SHA256

    94d2c18a5f1d846491e090c48e50d734a6b6cb86fe687422777818211bc6012a

  • SHA512

    21ed5f4244442e6b7251bdf3cf0a2411da321c979e3025b2c504601086c55dd53bb51ee4f6768fbdc36d5c204cb9e16e5ebdf5177736475eae53aa89e4bc1acb

  • SSDEEP

    384:6E/p5dFHavAyGP316sBeUdewRBAUW6NGK1XZnsnSkaPSRrM/CzuN:z/pRD3ssBbdJRBAUWIGKxZYwPSsv

Score
8/10

Targets

    • Target

      94d2c18a5f1d846491e090c48e50d734a6b6cb86fe687422777818211bc6012a.vbs

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2
