General

  • Target

    bill-1.iso

  • Size

    600KB

  • Sample

    220916-bxgtbaede3

  • MD5

    999cb51bdec2303eee18ae532a9631f8

  • SHA1

    5446ade30168aae5c31e9ed7c64acce27b974dc6

  • SHA256

    f83fc3451fed870660cd400f9ea3104a675d054ce77140ecae19f759bb166810

  • SHA512

    2431266e30a79f45c3841175ff5eef8609da5db27aebbbe9c629886e2fb1e9fc3874a37bc70ade96560d6cdf51d0d38feaa1deb2d4bcf59c9089e2b5ba598e49

  • SSDEEP

    192:1kG53K5XOGRM8CWs6QdKQdZkDosfIMRJ/GjkDoswIMRB/GXQdy:J0H0j5XcDoqdDoD5s

Score
8/10

Targets

    • Target

      bill-1.bat

    • Size

      24KB

    • MD5

      0e719a060ddb752d43b109308668493b

    • SHA1

      056ca5dd8a72353815131687ec22e60f3bad5174

    • SHA256

      05f6a2eb87ecbc8aad44ffc0e71804263fdfdb6a3627eadfa89b3bde0daaebd0

    • SHA512

      2a046eea44ef0609d1b14aba4a8481e0dcc9a6877ae9cd5d555a71e372c6ad0174fa1466e95a1d6ff12a16ac7096a1bce628abcf6c7dc1203f89c5e7c0e2feb5

    • SSDEEP

      192:AQdKQdZkDosfIMRJ/GjkDoswIMRB/GXQdl:7XcDoqdDoD5f

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
