4f0262681eee56267befc15aa3cebdc50e1094a472cd6eb06bc62bb2ffd9590b | Triage

Sharing

General

Target

Payment Copy 7044896741.vbs
Size

138KB
Sample

240611-xprt7sxfkd
MD5

fe294122e89f9063f5c3a94d8805927f
SHA1

a45c6c72b9663a0edb3362826d7dc319c4315153
SHA256

4f0262681eee56267befc15aa3cebdc50e1094a472cd6eb06bc62bb2ffd9590b
SHA512

7245c421c7c9162e85b146e63ab84414f8505351a444f7f50ece4bb6b275da378ad55e450b4f22baf4cfc9ab07c25fbde3355541aa4bb3a8bb4b4f3ce19aff8a
SSDEEP

1536:0id99CObS+SfcP2VaJK6uQyhhWW0/5Jh1svcdLg0BAbUZlu9gISsRT:0idrxJK6H/wcJg0BAcE

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Payment Copy 7044896741.vbs
- Size
  
  138KB
- MD5
  
  fe294122e89f9063f5c3a94d8805927f
- SHA1
  
  a45c6c72b9663a0edb3362826d7dc319c4315153
- SHA256
  
  4f0262681eee56267befc15aa3cebdc50e1094a472cd6eb06bc62bb2ffd9590b
- SHA512
  
  7245c421c7c9162e85b146e63ab84414f8505351a444f7f50ece4bb6b275da378ad55e450b4f22baf4cfc9ab07c25fbde3355541aa4bb3a8bb4b4f3ce19aff8a
- SSDEEP
  
  1536:0id99CObS+SfcP2VaJK6uQyhhWW0/5Jh1svcdLg0BAbUZlu9gISsRT:0idrxJK6H/wcJg0BAcE
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2