Overview

overview

8

Static

static

Block Host.cmd

windows7-x64

8

Block Host.cmd

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Block Host.cmd

  • Size

    4KB

  • Sample

    230201-nr4gcaeh7w

  • MD5

    6ba5c46261ff52e7438f21ccef5f8c7e

  • SHA1

    acdf309fbfebecb7a93b78068fc1498fae4d9e62

  • SHA256

    f7d87d0a3977d9ed4ed6eaa2da2fe2aea9564f58cf062f828dec0aa21d9ec11e

  • SHA512

    106b05fbeca31c78e5e5f33cbd62580aac1b4ef781a78ac2cbe80f92eb01f75beeaa480772dcf2f9f2bbea178e681aff2247dd3d08387b35ca507b90b4a5cc43

  • SSDEEP

    96:zGXTD6E4YsQlPtYyjZW0vQH5aROc37gC9r2of6:zeDn4YsQlPtYyjZW0vQH5aROc37gC9rA

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      Block Host.cmd

    • Size

      4KB

    • MD5

      6ba5c46261ff52e7438f21ccef5f8c7e

    • SHA1

      acdf309fbfebecb7a93b78068fc1498fae4d9e62

    • SHA256

      f7d87d0a3977d9ed4ed6eaa2da2fe2aea9564f58cf062f828dec0aa21d9ec11e

    • SHA512

      106b05fbeca31c78e5e5f33cbd62580aac1b4ef781a78ac2cbe80f92eb01f75beeaa480772dcf2f9f2bbea178e681aff2247dd3d08387b35ca507b90b4a5cc43

    • SSDEEP

      96:zGXTD6E4YsQlPtYyjZW0vQH5aROc37gC9r2of6:zeDn4YsQlPtYyjZW0vQH5aROc37gC9rA

    Score
    8/10
    discoveryexploit

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks