067c30fa7f1617ab59d68180e04a19f772be311d44bb03de54e99b382c929b7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

run.vbs
Size

861B
Sample

240919-t6dgcszalj
MD5

bbaaedb339b506cd98a00f77e35b03da
SHA1

176a433ae97b5a434df6236a9f7a309037b8ee36
SHA256

067c30fa7f1617ab59d68180e04a19f772be311d44bb03de54e99b382c929b7f
SHA512

667e759c47e0c5b35aa1ad047b1e6474309048eef2ba730e0d70e90c6f8d8249befe495a184f03e09c5c84a6b64ee3dffacfddc3b3ca1cf5952981a9c7fdf61b

Score

7^/10

ransomware

Malware Config

Targets

- Target
  
  run.vbs
- Size
  
  861B
- MD5
  
  bbaaedb339b506cd98a00f77e35b03da
- SHA1
  
  176a433ae97b5a434df6236a9f7a309037b8ee36
- SHA256
  
  067c30fa7f1617ab59d68180e04a19f772be311d44bb03de54e99b382c929b7f
- SHA512
  
  667e759c47e0c5b35aa1ad047b1e6474309048eef2ba730e0d70e90c6f8d8249befe495a184f03e09c5c84a6b64ee3dffacfddc3b3ca1cf5952981a9c7fdf61b
Score

7^/10

ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2