General

  • Target

    zBcbRg0w.bat

  • Size

    191B

  • Sample

    200215-vf9tcdvjaj

  • MD5

    705dbd736a8950083e7c42280832ea6b

  • SHA1

    0245d36cf32c6027fac64a644b269ddb6fd4f1f0

  • SHA256

    600c54fb34157d0214e9737e4627ca6e743ee713310e6339abf3afca16d688c0

  • SHA512

    62ec901c122f4b881a3e81be4462a8df5a87da41aeab32b0f419273f97caded3f4001c50f78438489beb2b7d794be5f5e3d287ad13e3739e1cf7e6777c03de91

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    ps1.dropper

    http://185.103.242.78/pastes/zBcbRg0w

Targets

    • Target

      zBcbRg0w.bat

    • Blacklisted process makes network request

    • Program crash

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks