General
-
Target
file.vbs
-
Size
506B
-
Sample
240901-qgwpvs1gkp
-
MD5
0c7e1be66d051894037fbd4d3ba7e873
-
SHA1
f42da981a96a415fcfe54b03369c024579ca91e6
-
SHA256
8376d1d8d0eacb7462cdf9c4548e5e700999ec3112355dcb48041a1b636179e6
-
SHA512
92e15380deffd98351b16962b23b41492c528f02f9993198c4010c3ed1d50a6c7cbab38aa621c2f04eaf96a7431d01eb8ef1299f59ccfae15aac4dfa72c1ce74
Malware Config
Targets
-
-
Target
file.vbs
-
Size
506B
-
MD5
0c7e1be66d051894037fbd4d3ba7e873
-
SHA1
f42da981a96a415fcfe54b03369c024579ca91e6
-
SHA256
8376d1d8d0eacb7462cdf9c4548e5e700999ec3112355dcb48041a1b636179e6
-
SHA512
92e15380deffd98351b16962b23b41492c528f02f9993198c4010c3ed1d50a6c7cbab38aa621c2f04eaf96a7431d01eb8ef1299f59ccfae15aac4dfa72c1ce74
Score8/10-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-