General
-
Target
1.bat
-
Size
4KB
-
Sample
210728-3hzwrg6qej
-
MD5
22eacca2035b4f78dbd5c591d4555343
-
SHA1
adb82749c10765524011b4ed30388d86e252ed69
-
SHA256
54cdce4be37c4ce2ef3f5a3adfcfdf22f002f345500db57098bd29a49d7b60a9
-
SHA512
55e97b4b59df77de865b9880776fbe75fbc25d7b211d4ed64fcb9c02ae9fa7c5bea00350a7396bcef46b8d7ce5e0f0c0e99e7b8f42f4513ffe448a90966303c4
Static task
static1
Behavioral task
behavioral1
Sample
1.bat
Resource
win7v20210408
Behavioral task
behavioral2
Sample
1.bat
Resource
win10v20210408
Malware Config
Targets
Target
1.bat
Score
10/10
-
suricata: ET MALWARE Suspected Bizarro Banker Activity (POST)
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-