a7024900ce77051e0df54b2553c5c18a90dafdc92fd8deaa9db50c2da551b549 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7024900ce77051e0df54b2553c5c18a90dafdc92fd8deaa9db50c2da551b549.vbs
Size

22KB
Sample

240531-lm7bbsdf8s
MD5

5a4ef048a5e3b38a1cfe3813955c1770
SHA1

86b17e10f9ce90466020115a3cfbd0ae124289cf
SHA256

a7024900ce77051e0df54b2553c5c18a90dafdc92fd8deaa9db50c2da551b549
SHA512

0c792d3d9ccef5130b655570dab5c22864696b5796bf0a02718e57a387c8944c3633de65e00a6dcf272f16155e927d818820311099df134776a62a6c4d2c7a64
SSDEEP

384:WryE8obOy6raaPOxBROArUfiyV9V4UXTDMm33/QCKPl84de6u8Y+9bkzxXXx5r6:WrwgO/aaPOxBNIdTDM634CKKSP9bsnxo

Score

8^/10

Malware Config

Targets

- Target
  
  a7024900ce77051e0df54b2553c5c18a90dafdc92fd8deaa9db50c2da551b549.vbs
- Size
  
  22KB
- MD5
  
  5a4ef048a5e3b38a1cfe3813955c1770
- SHA1
  
  86b17e10f9ce90466020115a3cfbd0ae124289cf
- SHA256
  
  a7024900ce77051e0df54b2553c5c18a90dafdc92fd8deaa9db50c2da551b549
- SHA512
  
  0c792d3d9ccef5130b655570dab5c22864696b5796bf0a02718e57a387c8944c3633de65e00a6dcf272f16155e927d818820311099df134776a62a6c4d2c7a64
- SSDEEP
  
  384:WryE8obOy6raaPOxBROArUfiyV9V4UXTDMm33/QCKPl84de6u8Y+9bkzxXXx5r6:WrwgO/aaPOxBNIdTDM634CKKSP9bsnxo
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2