General
-
Target
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9.vbs
-
Size
15KB
-
Sample
240523-b3lpfsha2y
-
MD5
3ed6d6263087df6acb50d383f9646c77
-
SHA1
3d11f3a396909f4bdda0b8b8bb7ef6b8abbad17c
-
SHA256
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9
-
SHA512
e5ce4ee9fb452025cff79e23c3f335fe8b34dce4e5b315e258815212ac9cd929881c690a95d397deec0c635a0115c4eb176b557e2e877449e9a9116f8dc99f64
-
SSDEEP
192:3Kyq8AvxRaqxtLpoMPpzkd/5Bpt0yPPGEIv97BreF56xrkoAD+h0nVJ:ayqlZRzmMxI19PGn9kF0xrgD+m
Static task
static1
Behavioral task
behavioral1
Sample
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9.vbs
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9.vbs
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9.vbs
-
Size
15KB
-
MD5
3ed6d6263087df6acb50d383f9646c77
-
SHA1
3d11f3a396909f4bdda0b8b8bb7ef6b8abbad17c
-
SHA256
7c9097341df9125478424c57b39c394062838aaa04bcc5725cd4a49a3b3555d9
-
SHA512
e5ce4ee9fb452025cff79e23c3f335fe8b34dce4e5b315e258815212ac9cd929881c690a95d397deec0c635a0115c4eb176b557e2e877449e9a9116f8dc99f64
-
SSDEEP
192:3Kyq8AvxRaqxtLpoMPpzkd/5Bpt0yPPGEIv97BreF56xrkoAD+h0nVJ:ayqlZRzmMxI19PGn9kF0xrgD+m
Score10/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-