General
Target: faa03936b40a379b52895f3428e73eccca7dc7b9c0a31defe7a737b0c9ba0936.vbs
Size: 95KB
Sample: 240613-cqabbs1clg
MD5: 7759975571aadd5c40c81d077a55f866
SHA1: e93287f10b2e09af33d44dc13f4725d052a69450
SHA256: faa03936b40a379b52895f3428e73eccca7dc7b9c0a31defe7a737b0c9ba0936
SHA512: 2ffd8da885031ea520b97c0513a5e18a60e685b11c8338648bb152caabc727e0eb6deebe120105a0d89bdef8245d862e1de542176e4e355c1e0d23bf083b5e7b
SSDEEP: 384:LSoM9DNc4gyK3zIlGnyxIcptRD2HUy+j6UBPl26:/8xc4gyKDIsyp3RD20yj8PlL
Static task: static1
Behavioral task: behavioral1
Sample: faa03936b40a379b52895f3428e73eccca7dc7b9c0a31defe7a737b0c9ba0936.vbs
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: faa03936b40a379b52895f3428e73eccca7dc7b9c0a31defe7a737b0c9ba0936.vbs
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: faa03936b40a379b52895f3428e73eccca7dc7b9c0a31defe7a737b0c9ba0936.vbs
Score: 8/10
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext