Overview

overview

8

Static

static

111.90.151...oy.bat

windows7-x64

8

111.90.151...oy.bat

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    111.90.151.174_7777__destroy.bat

  • Size

    2KB

  • Sample

    221019-vme2hshbhr

  • MD5

    584db4d4d5e53b628193790c77f84d58

  • SHA1

    ba7c740867ad6184e9971735cc6d1bedf1443078

  • SHA256

    5218ed9598e05be41fc39d056e038c1a6fb054444ee3c5e8e54714ce1d258448

  • SHA512

    05f5e8185714f068c0f804095867e1d875c0f970f61078f3f42effae565baf7a507daf841037df777745882901af74f40e18ade08f743ad368cb2b18c0eced6e

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      111.90.151.174_7777__destroy.bat

    • Size

      2KB

    • MD5

      584db4d4d5e53b628193790c77f84d58

    • SHA1

      ba7c740867ad6184e9971735cc6d1bedf1443078

    • SHA256

      5218ed9598e05be41fc39d056e038c1a6fb054444ee3c5e8e54714ce1d258448

    • SHA512

      05f5e8185714f068c0f804095867e1d875c0f970f61078f3f42effae565baf7a507daf841037df777745882901af74f40e18ade08f743ad368cb2b18c0eced6e

    Score
    8/10
    discoveryexploit

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks