General
-
Target
vbc.exe
-
Size
453KB
-
Sample
200625-6hzyzzmn5x
-
MD5
be8ecf5fc8fc6564c01a30e872bbe4b9
-
SHA1
40a93953f8b744f41136f4728b77d936d9bab568
-
SHA256
7fc89c08916cfdbc1f950304f39fb0039437bf720a7dcf4e236636cb004caf9c
-
SHA512
039aea333e6e59aa8d7f020865ad660021027e041ed112fc7a8b8338db0fdfc695cc6c8d4f20047bbc30f45c8434a489f0a6db66d42536df93b51a0840bf1dab
Static task
static1
Behavioral task
behavioral1
Sample
vbc.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
vbc.exe
Resource
win10
Malware Config
Targets
-
-
Target
vbc.exe
-
Size
453KB
-
MD5
be8ecf5fc8fc6564c01a30e872bbe4b9
-
SHA1
40a93953f8b744f41136f4728b77d936d9bab568
-
SHA256
7fc89c08916cfdbc1f950304f39fb0039437bf720a7dcf4e236636cb004caf9c
-
SHA512
039aea333e6e59aa8d7f020865ad660021027e041ed112fc7a8b8338db0fdfc695cc6c8d4f20047bbc30f45c8434a489f0a6db66d42536df93b51a0840bf1dab
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-