General

  • Target

    script.vbs

  • Size

    1KB

  • Sample

    240809-zwj42sshla

  • MD5

    e44a9c187a4e40c2ddb6009af3567919

  • SHA1

    f6b3c56d4eee29799a011e3385e855346c601a23

  • SHA256

    5c3c530835c081210cc95dd2ff29ed430c3529bc3925b9c8d522b583247a8fe8

  • SHA512

    3bc6ba7ac987fe526d0fdcfb70cb3b28acce3b3ae5d71ae92c9fde70404e75182144ab46e7a9c5b0d66c62b5fd045a4108a1784639cc1840104d16dc99db441c

Score
8/10

Targets

    • Target

      script.vbs

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Modifies file permissions
