e7abe9cba625863dc43d9aa7c12f4a422d59bdb60cee67904d54b122365af89d | Triage

Sharing

General

Target

Wondershare hosts blocker.bat
Size

5KB
Sample

230202-2nvlxsgf33
MD5

1badb991805bba70d8cf2961df21a758
SHA1

ec15fdc9b882ab0c10e6084d41eb33c031479281
SHA256

e7abe9cba625863dc43d9aa7c12f4a422d59bdb60cee67904d54b122365af89d
SHA512

6caaca7aa7ef76b6128424fa3a9bda97b57fbcc79d5fcbeba6819e81608a91653b831d12d62fc3492fb8306abcc07fe9f9fc37dd9e92b6187a73f50796a0dc29
SSDEEP

96:iGXNE4YsQvMyHMIoMrmKYg8Kx84Lm6E47bBZUImpog8iyK03AYt0sOeg0KGa25vJ:ip4YsQv9HvoQmKYg8Kx84Lm6E4frUIsk

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  Wondershare hosts blocker.bat
- Size
  
  5KB
- MD5
  
  1badb991805bba70d8cf2961df21a758
- SHA1
  
  ec15fdc9b882ab0c10e6084d41eb33c031479281
- SHA256
  
  e7abe9cba625863dc43d9aa7c12f4a422d59bdb60cee67904d54b122365af89d
- SHA512
  
  6caaca7aa7ef76b6128424fa3a9bda97b57fbcc79d5fcbeba6819e81608a91653b831d12d62fc3492fb8306abcc07fe9f9fc37dd9e92b6187a73f50796a0dc29
- SSDEEP
  
  96:iGXNE4YsQvMyHMIoMrmKYg8Kx84Lm6E47bBZUImpog8iyK03AYt0sOeg0KGa25vJ:ip4YsQv9HvoQmKYg8Kx84Lm6E4frUIsk
Score

8^/10

discovery exploit
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Permissions Modification

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploit

behavioral2

discoveryexploit