1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799.vbs
Size

14KB
Sample

240605-bj7sksad86
MD5

8bae164fec49a354fc8367b53b27fcd5
SHA1

4a7b25b3853e1cb200f4e217e718c691eb2075b8
SHA256

1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799
SHA512

102b1b8e8f29b899d38e2fec67228fa8078bb8b82e5982f0d5ae785a5ead464de0cc17bf5484f9238f3aa93778a02d800e9c730eb25035f5a6a71be2bb283665
SSDEEP

192:uD3gOhEMOYt4wVTUpAnS+AQ4in8GiY6IdVqqJCIgCivAajbQQRpoAUdUQ4X/X:uDw0tz5UXzQPn8PUVqU6CSNPQO35X

Score

8^/10

Malware Config

Targets

- Target
  
  1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799.vbs
- Size
  
  14KB
- MD5
  
  8bae164fec49a354fc8367b53b27fcd5
- SHA1
  
  4a7b25b3853e1cb200f4e217e718c691eb2075b8
- SHA256
  
  1f4c382dee3a98bd6b3bbbf875f7c49d2127a8cea7e1e2feff2d20ff27dd4799
- SHA512
  
  102b1b8e8f29b899d38e2fec67228fa8078bb8b82e5982f0d5ae785a5ead464de0cc17bf5484f9238f3aa93778a02d800e9c730eb25035f5a6a71be2bb283665
- SSDEEP
  
  192:uD3gOhEMOYt4wVTUpAnS+AQ4in8GiY6IdVqqJCIgCivAajbQQRpoAUdUQ4X/X:uDw0tz5UXzQPn8PUVqU6CSNPQO35X
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2