Overview

overview

7

Static

static

ssfn_EasyAdmin.bat

windows7_x64

7

ssfn_EasyAdmin.bat

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ssfn_EasyAdmin.bat

  • Size

    2KB

  • Sample

    201116-klb451apvj

  • MD5

    4cd8c594ba3d8c446c8c03b71c246e9d

  • SHA1

    f25b59aee7ae58ceb69531cd43ee4bd7ed6de3ac

  • SHA256

    76b4f87b01058c06fd8c5b94391ea6af5c373dfffb925c7100132dd15ef57a6e

  • SHA512

    6cb9a3d490530da14c0b631182ee816d17c9b33559d21efef4aef10765c26b6ac8f112277eefa6774887c8f6ad7f215010b5cd0aa4c8d63089654c9fa3ca9d36

Score
7/10
discovery

Malware Config

Targets

    • Target

      ssfn_EasyAdmin.bat

    • Size

      2KB

    • MD5

      4cd8c594ba3d8c446c8c03b71c246e9d

    • SHA1

      f25b59aee7ae58ceb69531cd43ee4bd7ed6de3ac

    • SHA256

      76b4f87b01058c06fd8c5b94391ea6af5c373dfffb925c7100132dd15ef57a6e

    • SHA512

      6cb9a3d490530da14c0b631182ee816d17c9b33559d21efef4aef10765c26b6ac8f112277eefa6774887c8f6ad7f215010b5cd0aa4c8d63089654c9fa3ca9d36

    Score
    7/10
    discovery

    • Modifies file permissions

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks