General

  • Target

    13062024_0613_12062024_Specifications2.vbs

  • Size

    13KB

  • Sample

    240613-gywxhs1cqp

  • MD5

    7a75327d6f80e9cec9ea6db1f0ef3832

  • SHA1

    18faa1cd456fa80d2be0e193dcb57f086a50e6c2

  • SHA256

    6444f1d3dd9be71f757bee83727dee15a74f01146baaaa889b3a0e71675b7687

  • SHA512

    f555389162546918cf6184aeca54c84bb77f99df0a77570cedc8fe32b8adc27255117b714f6a9e6204a2f82a36420033f39bc448939e78ea5647aedb4e146670

  • SSDEEP

    384:WhtHAxVQDwYWUcsqvd+mAlGemR3zQ9DH+PaRF6VpPgRIVHzEsRcZz:fVqwYWUuvg7lG9R3zQ9yCKVVH+B

Score
8/10

Targets

    • Target

      13062024_0613_12062024_Specifications2.vbs

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
