2020-04-02 - VBS-BASED MALWARE INFECTION

ASSOCIATED FILES:

NOTES:

 

IMAGES


Shown above:  Example from one of the zip archives and its extracted VBS file.

 


Shown above:  Traffic from an infection filtered in Wireshark.

 


Shown above:  Artifacts seen in the infected user's AppData\Local\Temp folder during this infection..

 


Shown above:  Scheduled task to keep this infection persistent.

 

Click here to return to the main page.