General

  • Target

    vbsedit_x64.exe

  • Size

    11.1MB

  • Sample

    241109-3aqaqatlcx

  • MD5

    7bc0218e526b22faedb8591a6c1c1c41

  • SHA1

    df97bdbdf387771bf7fc945666793c4e7c8efec4

  • SHA256

    7b785d9db870903795a5ed487ce58f5b7012e7483b0f5c40eae5fd928b664fab

  • SHA512

    c05699554fc5ac8b6ba51a13045771a7cdaadfae7b2cbd7fd16ffaa70fc66e60715aab260eb4f8af4df61566db66b8728a8d9c29517ee7e6aa61701f6dedd34e

  • SSDEEP

    196608:OmPOL5DOvybCR3ZZh25bLR3BkDVWR+EvcgH1IDvdVAY:BPORywP5vR+EvcC86Y

Malware Config

Targets

    • Target

      vbsedit_x64.exe

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

MITRE ATT&CK Enterprise v15

Tasks