General

  • Target

    file.vbs

  • Size

    2KB

  • Sample

    240526-t9kpvadg92

  • MD5

    99302e53d0025be05ad09a4b2787720d

  • SHA1

    769dc76ab84dd588a4ac2c5f90b02b04d2cd00fd

  • SHA256

    8f24af6b16e50c1fcacd744971d800382bc12d0043f3615c94703e3c51763604

  • SHA512

    324e73d79b1bdda41b32b4ee5e7ff77bf8baaeaceb437a665a92b68282e3e11ed02291ee148ea7d04a5e737a2ec6fc31c89ab9e4cea8de13f410a6c104386c0a

Score
8/10

Targets

    • Target

      file.vbs

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
