General
-
Target
mat.vbs
-
Size
7KB
-
Sample
200731-mtg2ayqw1a
-
MD5
3f4f53a5a18c6b737d649b011dd6b9a1
-
SHA1
1848f72d0e23e721f3307a1ce2673f5d127b7032
-
SHA256
2a09c15cbdf630ca762a9baa8cffd71fdeeb9195f1ed0bcf1aab4d46afdb13dc
-
SHA512
97084c79f55bbd8f7d26df7b581a48cc81d9b5ef4b96cc26df505701b3f22bb179de6519157c83c8d00ef4b21f197fe7488ee40d7a1272bd3227113f692ae1ed
Static task
static1
Behavioral task
behavioral1
Sample
mat.vbs
Resource
win7v200722
Behavioral task
behavioral2
Sample
mat.vbs
Resource
win10v200722
Malware Config
Targets
-
-
Target
mat.vbs
-
Size
7KB
-
MD5
3f4f53a5a18c6b737d649b011dd6b9a1
-
SHA1
1848f72d0e23e721f3307a1ce2673f5d127b7032
-
SHA256
2a09c15cbdf630ca762a9baa8cffd71fdeeb9195f1ed0bcf1aab4d46afdb13dc
-
SHA512
97084c79f55bbd8f7d26df7b581a48cc81d9b5ef4b96cc26df505701b3f22bb179de6519157c83c8d00ef4b21f197fe7488ee40d7a1272bd3227113f692ae1ed
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blacklisted process makes network request
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-