General

  • Target

    Ref#19907600.vbe

  • Size

    14KB

  • Sample

    241121-k8s56a1jey

  • MD5

    3750a9f8d705970d177e72b028cc065d

  • SHA1

    6700bfa882d308a1e1226f7484c5709a823a8b17

  • SHA256

    161157731ec2b70f5b5d2861d281fc3681b365a5c8242441a3a0772f6e5176a8

  • SHA512

    504b842d778042c060618505e85cfc3cc1a541e84431f8ad4adc6c54f1a8bb5480847eff8b93f6b60ae5cbbd963e5a381fca17588a46321767d47373f73603c7

  • SSDEEP

    384:SoARS0j0wbvwbbXM0jqN/Jt/HwxPNXkwQ0MhJ9fl:dARS0j5cbbXM0GHsPNFM/n

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
