939c8987dca4aacad41066c29eb0bee95ed447c5f9597953fd1de0027c660ee4 | Triage

Sharing

General

Target

code.vbs
Size

566B
Sample

240901-qft5mssalc
MD5

73d9fdda098386095a38def08f0391cf
SHA1

4cc22841ea50caaeb8de420cb5da4a0af44a817c
SHA256

939c8987dca4aacad41066c29eb0bee95ed447c5f9597953fd1de0027c660ee4
SHA512

f6e1eee98e643f113693a43477ae47357289afa1b3d0ab9312c18e642c2bb5712af741da2bc4ac7d782a1cecb1ed76993713dedf1d204af73ecb91a7e2c66ee0

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  code.vbs
- Size
  
  566B
- MD5
  
  73d9fdda098386095a38def08f0391cf
- SHA1
  
  4cc22841ea50caaeb8de420cb5da4a0af44a817c
- SHA256
  
  939c8987dca4aacad41066c29eb0bee95ed447c5f9597953fd1de0027c660ee4
- SHA512
  
  f6e1eee98e643f113693a43477ae47357289afa1b3d0ab9312c18e642c2bb5712af741da2bc4ac7d782a1cecb1ed76993713dedf1d204af73ecb91a7e2c66ee0
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit