General

  • Target

    67b9457331d029200f00205c11632fbbf7aa3b338d2eafd274c4c80f5c26c4c8.vbs

  • Size

    14KB

  • Sample

    241002-bp1w8atena

  • MD5

    9f4e60a4a510aab2d96525ee51d7f858

  • SHA1

    c86b0f087b561b3eee0b97ba4435ee5c58b3b472

  • SHA256

    67b9457331d029200f00205c11632fbbf7aa3b338d2eafd274c4c80f5c26c4c8

  • SHA512

    311262488885b079b78faa131a716d02a5d1241d8867f220cdef0b7b9f1f35ab76d384f47a937e5ad929966ba8517209d955060a8342501e03e17042800cfcfb

  • SSDEEP

    192:vvJG3VsTxLRtkuUx0mbWw6Xgs4Zcx2dqnZ+d1AN0O5Tv4Khz2TGrRDxRZM:m4xRedxBr6LELdkZP0O574KdGYRDxRO

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

MITRE ATT&CK Enterprise v15
