General

  • Target

    81c463d50e1ee0e85632f1c0be40ee274208c1ea3361048a019e4ae7c5720d2f.vbs

  • Size

    1.4MB

  • Sample

    240711-b3r68sthkb

  • MD5

    9a6c57e6d5d71c718ec145b4fd3031f9

  • SHA1

    045829ac55927a20045945d8e1372919d1e949d4

  • SHA256

    81c463d50e1ee0e85632f1c0be40ee274208c1ea3361048a019e4ae7c5720d2f

  • SHA512

    4c0e1b16f82254f5c18e63bafab633c8c561757082abcf8eba61fcf4f1902997e14f4e39f8eb310542dfd6b9a24a7010c3e40783fa195af8975af315973a9caf

  • SSDEEP

    6144:UXFYFDFgFRFRFRFRFIFYF+FBFCFiFvFTFoFEFRFjF1F0FhF7FRFxF0FRFRFEFRFl:H+

Score
10/10

Targets

    • Ande Loader

      Ande is a loader and downloader written in C#.

    • Detect Ande Loader payload

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
