7000fabccdc2967be9c2b831e9ade0aa9cc2009ac164881203fb80691ec48fda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75782f13b7c2d692a630959bcdab409a.cmd
Size

301B
Sample

230214-ql8j8adf34
MD5

75782f13b7c2d692a630959bcdab409a
SHA1

3eac31e90e775c303190da4604047473514032fe
SHA256

7000fabccdc2967be9c2b831e9ade0aa9cc2009ac164881203fb80691ec48fda
SHA512

0418c0e28b68564787485a01a8078ae8c743bee79fbe6bfd994ce0d437b3fce72a4b5deb7d1e34b963b127bf5508b69a1c340cbf6439370fd859be471d37cfa4

Score

8^/10

Malware Config

Targets

- Target
  
  75782f13b7c2d692a630959bcdab409a.cmd
- Size
  
  301B
- MD5
  
  75782f13b7c2d692a630959bcdab409a
- SHA1
  
  3eac31e90e775c303190da4604047473514032fe
- SHA256
  
  7000fabccdc2967be9c2b831e9ade0aa9cc2009ac164881203fb80691ec48fda
- SHA512
  
  0418c0e28b68564787485a01a8078ae8c743bee79fbe6bfd994ce0d437b3fce72a4b5deb7d1e34b963b127bf5508b69a1c340cbf6439370fd859be471d37cfa4
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2