4cb87567577b2fd63013f5a7236cff55800fae26450e54ff0948c202da4006c8 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

file01.vbs

windows7-x64

8

file01.vbs

windows10-2004-x64

8

Sharing

General

Target

file01.vbs
Size

3KB
Sample

240629-sqmjnatalp
MD5

feb5a83344a4baa880c06c7537729a89
SHA1

1711baf522d5fe2a4c17e022d1e0da888c950f79
SHA256

4cb87567577b2fd63013f5a7236cff55800fae26450e54ff0948c202da4006c8
SHA512

b409e942e964804c80bdb7362d4d5c1fd34e350d8f0043076e2d2c03fcb6207d7a8ff8e329117edf0d3465803cd1bbc77c90c2c58ece38faa07aff59cdbfadf3

Score

8^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

file01.vbs

Resource

win7-20240508-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

file01.vbs

Resource

win10v2004-20240508-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  file01.vbs
- Size
  
  3KB
- MD5
  
  feb5a83344a4baa880c06c7537729a89
- SHA1
  
  1711baf522d5fe2a4c17e022d1e0da888c950f79
- SHA256
  
  4cb87567577b2fd63013f5a7236cff55800fae26450e54ff0948c202da4006c8
- SHA512
  
  b409e942e964804c80bdb7362d4d5c1fd34e350d8f0043076e2d2c03fcb6207d7a8ff8e329117edf0d3465803cd1bbc77c90c2c58ece38faa07aff59cdbfadf3
Score

8^/10

evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy