General

  • Target

    4f1f6b38616ce2f8c0b63b47aec5a614ec62d6ba66e8d31d61d26e3416f8e38d.vbs

  • Size

    6KB

  • Sample

    240602-krr7jahb85

  • MD5

    b0880a1b5d48b2c00faf73348e033026

  • SHA1

    9e1433caf796fcd191fb3a1214e36aae7985318e

  • SHA256

    4f1f6b38616ce2f8c0b63b47aec5a614ec62d6ba66e8d31d61d26e3416f8e38d

  • SHA512

    ea2fa6026b30158dfd58a61b236d3473e9c601807117593d81e21c6f6e9d2026217c2c093b3647a5d93625d60e9d8bd98c7038080283945217b58c3b1024c5ed

  • SSDEEP

    96:Ww/IRkcyXoAxpqzpZNPAOPEL3iM4N2FMUCndSZKVmwGC4xXxpZFd0V:XukPHxpq9ZN4OMDi5HnQA8XxJd0V

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
