General

  • Target

    19092024_0637_[SK하이닉스 청주] 2024년 하반기 협력사 예비조사표·xlsx.vbs.zip

  • Size

    11KB

  • Sample

    240919-hdg4aswamr

  • MD5

    9ea973900160de688ca1b8d6bcea08b9

  • SHA1

    73ca122ee8b029fa777af0a6cf6385f413ee8269

  • SHA256

    d024bcc2918a6ab37094245f9a9a914681b58a53470eae30ba848aff50ad24a1

  • SHA512

    a3b9f5b2b863f55d81d00b7d70962560b3d40b8484011e45ff38fa5ab0152819e76b4f304776694aa370b9c7a58478b77f892f99a1aa7a1ae6e55f8b218b233f

  • SSDEEP

    192:dW+vpHZMQ/yLhS3vywSfZAZZCk9a0GCtGiJ3bSkYhH7TLyG3gABsW9tP51GfozY:7D8hSfAfSZZC0TgIYhPLPPBcfozY

Score
8/10

Malware Config

Targets

    • Target

      [SK하이닉스 청주] 2024년 하반기 협력사 예비조사표·xlsx.vbs

    • Size

      34KB

    • MD5

      e620cf121302720bcc2bced9953b5310

    • SHA1

      08c5e4e7ade83aa1ca0e44602500c70c08e08fd0

    • SHA256

      1823afc82141af0735636fd334827d13575a961d43177f0a07bff2277493a7db

    • SHA512

      60d76df2e1973553cb18c382b2d25e7021665e0d99332120905379dd6a8ad6e9ecff49f48dda0217d5af770fa4720830ae19c7ae64b5dbeb8ea312d448da632c

    • SSDEEP

      384:Z9vOg34bR4PQ7c1B2ZzjtuIUbeN7b14Jeg0RMj/yuBxwTtrcCLb0JvrbOYFFvUCs:Zp34KP8cAMSl4OMvLUtAqyOYjcU0

    Score
    8/10

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks