3f59e7732c35f42f8f681716f4751a4c3f179579e2eb0ac23b82eb1bd49373f6 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

trigger.vbs

windows7-x64

8

trigger.vbs

windows10-2004-x64

8

Sharing

General

Target

trigger.vbs
Size

743B
Sample

240703-my39gsygkf
MD5

5d9d72cd3834faa480b06605c761dc63
SHA1

d6a845fb6f23e8d1fee3c25d551e021f6edfc0ac
SHA256

3f59e7732c35f42f8f681716f4751a4c3f179579e2eb0ac23b82eb1bd49373f6
SHA512

2816a46503b14500eb3d1a3054958a5b9641fa5a0a9ec6a7aeff1ee8b8503903bdbaf56658dde5e1c982f0623d369a4dde81f8970d755d376de149c2f8dfa40c

Score

8^/10

discovery exploit

Static task

static1

Behavioral task

behavioral1

Sample

trigger.vbs

Resource

win7-20240419-en

discovery exploit

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

trigger.vbs

Resource

win10v2004-20240611-en

discovery exploit

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  trigger.vbs
- Size
  
  743B
- MD5
  
  5d9d72cd3834faa480b06605c761dc63
- SHA1
  
  d6a845fb6f23e8d1fee3c25d551e021f6edfc0ac
- SHA256
  
  3f59e7732c35f42f8f681716f4751a4c3f179579e2eb0ac23b82eb1bd49373f6
- SHA512
  
  2816a46503b14500eb3d1a3054958a5b9641fa5a0a9ec6a7aeff1ee8b8503903bdbaf56658dde5e1c982f0623d369a4dde81f8970d755d376de149c2f8dfa40c
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit

© 2018-2024

Terms | Privacy