259e6985a69d303cbd0945bb663c8ad54c28ef2cce53c2271b6e4912476d6f7b | Triage

Sharing

General

Target

259e6985a69d303cbd0945bb663c8ad54c28ef2cce53c2271b6e4912476d6f7b.vbs
Size

21KB
Sample

240612-bj81msxdlm
MD5

24dac6b183fc5cb29533742b3e54f209
SHA1

102f41208323839ecbcff8fef13e1ccf23b7a608
SHA256

259e6985a69d303cbd0945bb663c8ad54c28ef2cce53c2271b6e4912476d6f7b
SHA512

f4d20eb40e1e617e4d70c96b6f7b066b617efd17a28d04d3be38a60eb2cce17ceb8f1595bb16a8bf2b71147354a65ec5e8f3046caa81156809453238c687a289
SSDEEP

384:wgbqVWY0OjSRKdmkhYL4TGDiTkmZ0u4i9nLYgMstmCzmZrCF1956lbeTTA1HJH91:wgbqVWY0OjSRKd/hYL4TGDiTkmZ0Ti9a

Score

8^/10

execution

Malware Config

Targets

- Target
  
  259e6985a69d303cbd0945bb663c8ad54c28ef2cce53c2271b6e4912476d6f7b.vbs
- Size
  
  21KB
- MD5
  
  24dac6b183fc5cb29533742b3e54f209
- SHA1
  
  102f41208323839ecbcff8fef13e1ccf23b7a608
- SHA256
  
  259e6985a69d303cbd0945bb663c8ad54c28ef2cce53c2271b6e4912476d6f7b
- SHA512
  
  f4d20eb40e1e617e4d70c96b6f7b066b617efd17a28d04d3be38a60eb2cce17ceb8f1595bb16a8bf2b71147354a65ec5e8f3046caa81156809453238c687a289
- SSDEEP
  
  384:wgbqVWY0OjSRKdmkhYL4TGDiTkmZ0u4i9nLYgMstmCzmZrCF1956lbeTTA1HJH91:wgbqVWY0OjSRKd/hYL4TGDiTkmZ0Ti9a
Score

8^/10

execution
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2