General
-
Target
rolvepgqld..vbs
-
Size
6KB
-
Sample
240701-e59e3swfkg
-
MD5
adc9b91bfd685823f831cb149a4b162f
-
SHA1
9ed18df7933da490283c6981270dca26c7d0e2dc
-
SHA256
a53ca96d00ce81b10989b473807bfc56f440a7c355bde08b0cb26dcfd6bf3278
-
SHA512
847752d39a27f007f10e30d3e15296346e9acfd4e4945e68b31876b578a2cdfef5b7f805f878bf622c62644e566bc636240d9859458fb43dd37f0018e906b961
-
SSDEEP
96:NdLYaIwYeBUCU14Tqt+C+QskJdcP2z/n8HFUiQxbDxLlzWUMsuNu7sC9Fh7:NCReLHTE++d0HFUXVpWUMA7sC9b
Static task
static1
Behavioral task
behavioral1
Sample
Device/HarddiskVolume3/Users/nabiljazmawi/AppData/Local/Temp/rolvepgqld..vbs
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume3/Users/nabiljazmawi/AppData/Local/Temp/rolvepgqld..vbs
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Device/HarddiskVolume3/Users/nabiljazmawi/AppData/Local/Temp/rolvepgqld..vbs
-
Size
19KB
-
MD5
3bffe0527cbdf160ad0b51588579c3da
-
SHA1
92652d4d1381bd7d550bf355f400886067903a40
-
SHA256
b78d56aa02ce5a1b953df9a14f7483b72423d03be4c463b444a53caffd61ce8b
-
SHA512
d8e3611d1e1192bc6d4cf87be926c7f0e98caeb371690ca4ebf66be56ff62a98bc61203cf01a7381e31ab3720fb0de9ffe3ea040a286050a3208a7cfde5ad969
-
SSDEEP
384:Pn/crgS6pDX157RI/P+pMvsPy7qFye/PLFmIOXEwJ0LGTqUNfQXDm:P/5JMvsPy2Js/WkmDm
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-