e8f77c6ed8ccf23a9a3aecceadf0794f486ea39f6fd9f99a8c249cfef30af3c3 | Triage

Submit
Reports

Overview

overview

8

Static

static

Half-Life.bat

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

Half-Life.bat
Size

290B
Sample

221227-f9c34she4v
MD5

f74e6b5246c889bbed2ab6458d00b16c
SHA1

87823a620d7eab058b6e490b64957b57d70895a0
SHA256

e8f77c6ed8ccf23a9a3aecceadf0794f486ea39f6fd9f99a8c249cfef30af3c3
SHA512

3a1edf80ed520dbfca88beb69b62db3e520227c8f8e3b1b9356600d029ad8d098662693c4798d8b07aa73ae3ac61adb0ab02c9ec4bdc1a76f249027be3f82949

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

Half-Life.bat

Resource

win10v2004-20221111-en

windows10-2004-x64

23 signatures

300 seconds

Malware Config

Targets

- Target
  
  Half-Life.bat
- Size
  
  290B
- MD5
  
  f74e6b5246c889bbed2ab6458d00b16c
- SHA1
  
  87823a620d7eab058b6e490b64957b57d70895a0
- SHA256
  
  e8f77c6ed8ccf23a9a3aecceadf0794f486ea39f6fd9f99a8c249cfef30af3c3
- SHA512
  
  3a1edf80ed520dbfca88beb69b62db3e520227c8f8e3b1b9356600d029ad8d098662693c4798d8b07aa73ae3ac61adb0ab02c9ec4bdc1a76f249027be3f82949
Score

8^/10

discovery
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy