General

  • Target

    run.vbs

  • Size

    3KB

  • Sample

    240526-wqc7rseh5v

  • MD5

    da537113e72aafb285f3946fe7491c9e

  • SHA1

    b4c64ac533465609bfc0d5d5b718eae8749d63d2

  • SHA256

    0155a55d22cd62bf4d252da6224f3057a1b3d324b2eee3b4d8dea541133beee5

  • SHA512

    15d3bd7e06b1639267e03194db475d00266a27cd5966682c59772e73020228c30628cf117c7be73ab415b235fe0603fbb3e597a2445ca98d65b8cdc10bfa03c4

Score
8/10

Targets

    • Target

      run.vbs

    • Blocklisted process makes network request

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
