01af757138ece4e2a8d75a0df845ac5c91f152e9429292d6c05dfb77223803ce | Triage

Sharing

General

Target

Factura.vbs
Size

44KB
Sample

200402-4z3v5ml4rj
MD5

1de486ee52db1e672d5047dd1b181a85
SHA1

0e564c47de903949684bfd752036878638018388
SHA256

01af757138ece4e2a8d75a0df845ac5c91f152e9429292d6c05dfb77223803ce
SHA512

fbee673a8f7d2b794b281e4c84b54975781bc580b2a673481e87b1060ab5986493b6249efcfdd63830e978e2379ca30934152fce6f1522a30d6b2cd446d2683a

Score

8^/10

evasion spyware trojan

Malware Config

Targets

- Target
  
  Factura.vbs
- Size
  
  44KB
- MD5
  
  1de486ee52db1e672d5047dd1b181a85
- SHA1
  
  0e564c47de903949684bfd752036878638018388
- SHA256
  
  01af757138ece4e2a8d75a0df845ac5c91f152e9429292d6c05dfb77223803ce
- SHA512
  
  fbee673a8f7d2b794b281e4c84b54975781bc580b2a673481e87b1060ab5986493b6249efcfdd63830e978e2379ca30934152fce6f1522a30d6b2cd446d2683a
Score

8^/10

evasion spyware trojan
- Blacklisted process makes network request
- Drops startup file
- Modifies system certificate store
  evasion spyware trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionspywaretrojan

behavioral2