1bcf9a3648bac8ded65038381f3e40a590d0e2d5ec5d3cc8bca275a2939dad17 | Triage

Sharing

General

Target

746635b2bd985a47943d22332f6c4039.vbs
Size

1.2MB
Sample

200731-4nr38yjnpn
MD5

746635b2bd985a47943d22332f6c4039
SHA1

a461a1a1031853ba9aa45a0ce4831d5209d40149
SHA256

1bcf9a3648bac8ded65038381f3e40a590d0e2d5ec5d3cc8bca275a2939dad17
SHA512

44682c1533f8b8dd815eeb816421277974474b1f4aa9ab4d4a7635771db80bfcb5a4fe9e6d40c8d67b0b66122f93b1fb33bf9ade6221ca97f70018c34c451fd3

Score

8^/10

Malware Config

Targets

- Target
  
  746635b2bd985a47943d22332f6c4039.vbs
- Size
  
  1.2MB
- MD5
  
  746635b2bd985a47943d22332f6c4039
- SHA1
  
  a461a1a1031853ba9aa45a0ce4831d5209d40149
- SHA256
  
  1bcf9a3648bac8ded65038381f3e40a590d0e2d5ec5d3cc8bca275a2939dad17
- SHA512
  
  44682c1533f8b8dd815eeb816421277974474b1f4aa9ab4d4a7635771db80bfcb5a4fe9e6d40c8d67b0b66122f93b1fb33bf9ade6221ca97f70018c34c451fd3
Score

8^/10
- Blacklisted process makes network request
- Deletes itself
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2