0a38a5ec2f3b805dcf29cb2b6585b331f5ccbda83b2edc99fba4ce6df0044d00 | Triage

Sharing

General

Target

0a38a5ec2f3b805dcf29cb2b6585b331f5ccbda83b2edc99fba4ce6df0044d00.vbs
Size

26KB
Sample

240705-svthrs1blj
MD5

b9e589a0c76fd4f85e43c2d84c3e614c
SHA1

de74efff3b786612b9ea4fc220a63aa5c76d52d8
SHA256

0a38a5ec2f3b805dcf29cb2b6585b331f5ccbda83b2edc99fba4ce6df0044d00
SHA512

98cf7b171da4591dc5fca39b5a48abc43ca3698d6a00c3378e974fdea8e9f6999a889209f3a8c15f7a8794f5823ed2e23fa707944ba346e409f1436a6a1c298a
SSDEEP

384:6lzV6m2So022lGP9V6+s0flKJpl/5ZrE5HVnS0Re7PIx+5lEPmgwwBrkzsxpZzQh:qzSR022X/523S0e8xPPmukOpFGcNbDN0

Score

8^/10

Malware Config

Targets

- Target
  
  0a38a5ec2f3b805dcf29cb2b6585b331f5ccbda83b2edc99fba4ce6df0044d00.vbs
- Size
  
  26KB
- MD5
  
  b9e589a0c76fd4f85e43c2d84c3e614c
- SHA1
  
  de74efff3b786612b9ea4fc220a63aa5c76d52d8
- SHA256
  
  0a38a5ec2f3b805dcf29cb2b6585b331f5ccbda83b2edc99fba4ce6df0044d00
- SHA512
  
  98cf7b171da4591dc5fca39b5a48abc43ca3698d6a00c3378e974fdea8e9f6999a889209f3a8c15f7a8794f5823ed2e23fa707944ba346e409f1436a6a1c298a
- SSDEEP
  
  384:6lzV6m2So022lGP9V6+s0flKJpl/5ZrE5HVnS0Re7PIx+5lEPmgwwBrkzsxpZzQh:qzSR022X/523S0e8xPPmukOpFGcNbDN0
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2