cbf4668d34f495af8ca9dd9c4d6707a77e4015d017c615c1197b6f883e1f0dc6 | Triage

Sharing

General

Target

cbf4668d34f495af8ca9dd9c4d6707a77e4015d017c615c1197b6f883e1f0dc6.vbs
Size

186KB
Sample

240625-b9m6vsthpf
MD5

6a7eb6c5a6fc1a849ead86ffe1610e62
SHA1

11145291cde16a82e7c6011cc0b152ccf20a0e36
SHA256

cbf4668d34f495af8ca9dd9c4d6707a77e4015d017c615c1197b6f883e1f0dc6
SHA512

e2c1a6cab3e64adc434f74cbe3f1ffcc52e40e5877b99c52365d78f0d4971de11deec6df9cb4717c8c2a691fd92ace344e0c25265289ea2398ab15120492036b
SSDEEP

3072:gmN8GGebKjeK3ubth+DCFxKCvBB/WnHPP1w/sLJFJ281QIHz1y8mNy7Ey1MgKTZD:g08GxbKja3+DCbKCvBB/WnHXC/sLJFJi

Score

8^/10

Malware Config

Targets

- Target
  
  cbf4668d34f495af8ca9dd9c4d6707a77e4015d017c615c1197b6f883e1f0dc6.vbs
- Size
  
  186KB
- MD5
  
  6a7eb6c5a6fc1a849ead86ffe1610e62
- SHA1
  
  11145291cde16a82e7c6011cc0b152ccf20a0e36
- SHA256
  
  cbf4668d34f495af8ca9dd9c4d6707a77e4015d017c615c1197b6f883e1f0dc6
- SHA512
  
  e2c1a6cab3e64adc434f74cbe3f1ffcc52e40e5877b99c52365d78f0d4971de11deec6df9cb4717c8c2a691fd92ace344e0c25265289ea2398ab15120492036b
- SSDEEP
  
  3072:gmN8GGebKjeK3ubth+DCFxKCvBB/WnHPP1w/sLJFJ281QIHz1y8mNy7Ey1MgKTZD:g08GxbKja3+DCbKCvBB/WnHXC/sLJFJi
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2