5d876d62f1291cfc7bf91819bd1fe4ba4da76828e7542704fd2f2605a5fa39b7 | Triage

Sharing

General

Target

5d876d62f1291cfc7bf91819bd1fe4ba4da76828e7542704fd2f2605a5fa39b7.vbs
Size

21KB
Sample

240612-bwqptsxfrk
MD5

eea263df06eedb62e8ef52449d443147
SHA1

7cdce2d9268039b378ad4aa43faa1b2f31824f2b
SHA256

5d876d62f1291cfc7bf91819bd1fe4ba4da76828e7542704fd2f2605a5fa39b7
SHA512

ced1a2bc7fe2bec45063b6a930bc7700502d8dfe33623e466a8917401a8f00b19ca0d37f47b0bbb15c21077c5d84b64760643a86b21f21e2d0a122d46aa829ab
SSDEEP

384:QphF0OupkJEIrWJIxrDhnbJ2JsEk2ZMPc6q:QphiOupkJRWJIxrlbQGElZMk6q

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5d876d62f1291cfc7bf91819bd1fe4ba4da76828e7542704fd2f2605a5fa39b7.vbs
- Size
  
  21KB
- MD5
  
  eea263df06eedb62e8ef52449d443147
- SHA1
  
  7cdce2d9268039b378ad4aa43faa1b2f31824f2b
- SHA256
  
  5d876d62f1291cfc7bf91819bd1fe4ba4da76828e7542704fd2f2605a5fa39b7
- SHA512
  
  ced1a2bc7fe2bec45063b6a930bc7700502d8dfe33623e466a8917401a8f00b19ca0d37f47b0bbb15c21077c5d84b64760643a86b21f21e2d0a122d46aa829ab
- SSDEEP
  
  384:QphF0OupkJEIrWJIxrDhnbJ2JsEk2ZMPc6q:QphiOupkJRWJIxrlbQGElZMk6q
Score

8^/10

execution
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2