General

  • Target

    4e76d35876050637bd76b70b9edd08c2f3e1d793e87cda6c5946937638ee63c1.vbs

  • Size

    154KB

  • Sample

    240523-bvkgesgg58

  • MD5

    216c5eb8dea26cf3867f6ee5caff68d5

  • SHA1

    4eb2e87d709901f4d775e00ec24eff43a630704b

  • SHA256

    4e76d35876050637bd76b70b9edd08c2f3e1d793e87cda6c5946937638ee63c1

  • SHA512

    ebe8a27e86fbf4c1e8ff387d65f7c8f7967ff43ee0d50ce0b69468e4b211e1b27587dc377b9a4b94d6ffb57ceead67395984fa2d0e3a823475c9015568be2f51

  • SSDEEP

    1536:Tard99CObiVCocEW1aJK66n5yhtW0/5JpWnmcr/g0BGbUZlu9gISsRC:Ordg9JK6X/Rc7g0BGcp

Score
8/10

Malware Config

Targets

    • Target

      4e76d35876050637bd76b70b9edd08c2f3e1d793e87cda6c5946937638ee63c1.vbs

    • Size

      154KB

    • MD5

      216c5eb8dea26cf3867f6ee5caff68d5

    • SHA1

      4eb2e87d709901f4d775e00ec24eff43a630704b

    • SHA256

      4e76d35876050637bd76b70b9edd08c2f3e1d793e87cda6c5946937638ee63c1

    • SHA512

      ebe8a27e86fbf4c1e8ff387d65f7c8f7967ff43ee0d50ce0b69468e4b211e1b27587dc377b9a4b94d6ffb57ceead67395984fa2d0e3a823475c9015568be2f51

    • SSDEEP

      1536:Tard99CObiVCocEW1aJK66n5yhtW0/5JpWnmcr/g0BGbUZlu9gISsRC:Ordg9JK6X/Rc7g0BGcp

    Score
    8/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks