15c7e5e81d3c9c27ac8ee54fe02dd9d9adadcdd13bd758a0d501ad60f531ef46 | Triage

Sharing

General

Target

script.vbs
Size

894B
Sample

240704-v7prfszhpk
MD5

e4eb801891b1e2d31bbf92ab4dbdc129
SHA1

b02944319c438a6bcdd52e1052eb1c23d7008230
SHA256

15c7e5e81d3c9c27ac8ee54fe02dd9d9adadcdd13bd758a0d501ad60f531ef46
SHA512

2ef19f1758a9c32d64f7ae8fe9716e98913bd5748acc76fe76b87d1b6bd6ea4eb349086b74f256ced24867bef284500c69c0e98a73335ca15828148a3a348a6a

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  script.vbs
- Size
  
  894B
- MD5
  
  e4eb801891b1e2d31bbf92ab4dbdc129
- SHA1
  
  b02944319c438a6bcdd52e1052eb1c23d7008230
- SHA256
  
  15c7e5e81d3c9c27ac8ee54fe02dd9d9adadcdd13bd758a0d501ad60f531ef46
- SHA512
  
  2ef19f1758a9c32d64f7ae8fe9716e98913bd5748acc76fe76b87d1b6bd6ea4eb349086b74f256ced24867bef284500c69c0e98a73335ca15828148a3a348a6a
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2