General

  • Target

    file.vbs

  • Size

    227B

  • Sample

    240809-yzt8ra1gjf

  • MD5

    2b0f6b8ae35f6ee1a41441c9152ca64d

  • SHA1

    152290108baa9f58a54635b26a29c0a3b3e4b56c

  • SHA256

    d6d614cf4fabb1147ca3a48ce42dce7441b5f193e9842eda16aca294786d6c1b

  • SHA512

    fc26343070516af10924feb3b3009cb5cccf7cecdac0431a0641e2c6bbd5d830c99fa9cd0aa3b9d5dc9e02bfb24a961597fb9fe82de1592d846e2ddf84785f7c

Score
8/10

Targets

    • Target

      file.vbs

    Score
    8/10
    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Modifies file permissions

    • Drops file in System32 directory
