General

  • Target

    ph2408.bat

  • Size

    543B

  • Sample

    210922-ccswhsahc3

  • MD5

    f134912b3ebfb9d02e46c9dcac30b47f

  • SHA1

    0418ee735232fea50d72d1b5f454403cc08fe45e

  • SHA256

    ac2acbb0656b7b54c2c62e58cbb013f07500ec0ec85b73aadd9648fe6c4399be

  • SHA512

    0505366c220c9ef61890ed201a436f51b964234d8670b3d069f8418af079aa9f1556eeeabfdf40fd7928881cace95e994f3ca38ff965f7241f6be94045a22e92

Score
10/10

Targets

    • DoubleBack

      DoubleBack is a modular backdoor first seen in December 2020.

    • DoubleBack x64 Payload

    • Blocklisted process makes network request
