2020-04-02 - VBS-BASED MALWARE INFECTION
ASSOCIATED FILES:
- 2020-04-02-VBS-based-malware-IOCs.txt.zip 2.1 kB (2,144 bytes)
- 2020-04-02-VBS-based-malware-infection-traffic.pcap.zip 214 kB (214,323 bytes)
- 2020-04-02-VBS-based-malware-and-artifacts.zip 80 kB (80,126 bytes)
- 2020-03-16-thru-2020-04-02-collection-of-15-similar-zip-archives.zip 771 kB (771,406 bytes)
NOTES:
- All zip archives on this site are password-protected with the standard password. If you don't know it, see the "about" page of this website.
IMAGES
Shown above: Example from one of the zip archives and its extracted VBS file.
Shown above: Traffic from an infection filtered in Wireshark.
Shown above: Artifacts seen in the infected user's AppData\Local\Temp folder during this infection.
Shown above: Scheduled task to keep this infection persistent.