General

  • Target

    8007c019378d8d9371258d6c5eec34c674333c6410a1e299524bf0cbe45e4b6f.gz

  • Size

    7KB

  • Sample

    241002-brwehstfma

  • MD5

    829d0b8aeb85274ea044a238c7af3cc4

  • SHA1

    98bfcdddacb1205fa4c4bbc5406411222a3c5220

  • SHA256

    8007c019378d8d9371258d6c5eec34c674333c6410a1e299524bf0cbe45e4b6f

  • SHA512

    e526b0c6c0b274e3d0103dc3857131ff0bba1ad9c244f45d889e5c90e57e57d47e6e83374be451c558bbc39563f2bf1d406cc601561810b08d88a83b103baf8c

  • SSDEEP

    192:7sTr0M1AIEV1sdDmZgP71cVt8xa73Rf7uP+bt2Wp2vrF:7sTrZATVqmZwRcYWt7ToU2vB

Score: 7/10

Targets

    • Target

      Request for Invoice Number.vbs

    • Size

      14KB

    • MD5

      a3deccd21a468366e10004c42b364439

    • SHA1

      42cee1ecb79c140ee40a9efdd204bf84a2301904

    • SHA256

      0ccb57ad1aedffdbdb1a394b230db1396be375ca47b1ff3a0de855819c647252

    • SHA512

      27f049243e52be444b6fe306808b5496da08c4b4180cc55b7106046e00417a785298b84a6f52903f07f2f505d782d5c79d46f48caa1a0c38d9ffa8ba841da7f3

    • SSDEEP

      192:pvJw0eWedwQ4yBbtlqmiimIHnp5geRvLdoPoQD4gopQsW0B2P9UfrMmV6Qb6:Av5Qc5f8onp5geRDdfQ/m/+U1rb6

    Score: 7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Command and Scripting Interpreter: PowerShell

      Uses a powershell.exe command.
