General
Target: target.vbs
Size: 1015B
Sample: 241001-vex75atgle
MD5: 078db06662fafd7cae63b52486eb2895
SHA1: 210204f4ff91af54ef57628810dad684e74ce30b
SHA256: 5692eae941716274cde446cc705879cb6f5ee8bb49b56e1d68e069a73fde493c
SHA512: 66696bfc73b88d8b7521bc429b3e9170b49d709a1be44709ce9026f551dcf2fae100330531ff523752d84d5023e7a8531e381f039c9ccd7b3d0daf8edac6c4e0
Static task: static1

Behavioral task: behavioral1
Sample: target.vbs
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: target.vbs
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: target.vbs
Score: 9/10

Renames multiple (169) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Possible privilege escalation attempt

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Modifies file permissions

Drops desktop.ini file(s)