54cdce4be37c4ce2ef3f5a3adfcfdf22f002f345500db57098bd29a49d7b60a9 | Triage

Submit
Reports

Overview

overview

Static

static

1.bat

windows7_x64

1.bat

windows10_x64

Sharing

General

Target

1.bat
Size

4KB
Sample

210728-3hzwrg6qej
MD5

22eacca2035b4f78dbd5c591d4555343
SHA1

adb82749c10765524011b4ed30388d86e252ed69
SHA256

54cdce4be37c4ce2ef3f5a3adfcfdf22f002f345500db57098bd29a49d7b60a9
SHA512

55e97b4b59df77de865b9880776fbe75fbc25d7b211d4ed64fcb9c02ae9fa7c5bea00350a7396bcef46b8d7ce5e0f0c0e99e7b8f42f4513ffe448a90966303c4

Score

10^/10

persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

1.bat

Resource

win7v20210408

persistence suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1.bat

Resource

win10v20210408

persistence suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1.bat
- Size
  
  4KB
- MD5
  
  22eacca2035b4f78dbd5c591d4555343
- SHA1
  
  adb82749c10765524011b4ed30388d86e252ed69
- SHA256
  
  54cdce4be37c4ce2ef3f5a3adfcfdf22f002f345500db57098bd29a49d7b60a9
- SHA512
  
  55e97b4b59df77de865b9880776fbe75fbc25d7b211d4ed64fcb9c02ae9fa7c5bea00350a7396bcef46b8d7ce5e0f0c0e99e7b8f42f4513ffe448a90966303c4
Score

10^/10

persistence suricata
- suricata: ET MALWARE Suspected Bizarro Banker Activity (POST)
  suricata
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencesuricata

behavioral2

persistencesuricata

© 2018-2024

Terms | Privacy