VBSDropper
VBScript dropper. Uses the double extension INVOICE.JPEG.vbs. C2 on the hex subdomain 39d30cfe5d033f4342c289362d.ru. The certutil decode command is obfuscated with StrReverse. The payload is dropped under TEMP.
Threat Profile
Type: Loader
Programming Language: VBScript
C2 Protocol: HTTP
First Seen: 2022
Targets
Global
Purpose / Capabilities
- Dropper/Loader
No C2 servers have been identified for this family yet.
Research Reports (1)
VBSDropper -- INVOICE-7141.JPEG.vbs Double-Extension Disguise, 39d30cfe5d033f4342c289362d.ru C2 Hex Subdomain, StrReverse certutil decode Reversed-Command Obfuscation, s53a4a2b43e0fe695c72d119.exe Drop Path | High
VBS dropper INVOICE-7141.JPEG.vbs, 459 KB, double-extension disguise. 39d30cfe5d033f4342c289362d.ru C2 hex subdomain. StrReverse certutil -decode reversed command. Drops %TEMP%\s53a4a2b43e0fe695c72d119dfbb986a73c3b57.exe.