Overview

overview

8

Static

static

1

Wondershar....2.bat

windows7-x64

8

Wondershar....2.bat

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Wondershare hosts blocker v1.2.bat

  • Size

    9KB

  • Sample

    230301-yfnlvshh68

  • MD5

    c4e70813c85b025ee114ce337e5b58cf

  • SHA1

    b85aec6790fdd921ea214eab4355b244993db6dc

  • SHA256

    69704acb95e0b65d6c6378446bee0a75f62f19ef4970961dfcbe0fe62a96ef64

  • SHA512

    1de298d45b9350ca4a475e995a08140bf00a4ddedc3a69305f6f59942fdced7e9aa7927587d9b8b9842c24998d9ff287f6f779247e187cf0b4d0dab69c6fef85

  • SSDEEP

    192:ip4YsQ24t9O2O6HvmKYg8Kx84Lm6E4frUIsog8iyK6AI0sOeg0KGa2JNtxGa3zUc:+

Score
8/10
discoveryexploit

Malware Config

Targets

    • Target

      Wondershare hosts blocker v1.2.bat

    • Size

      9KB

    • MD5

      c4e70813c85b025ee114ce337e5b58cf

    • SHA1

      b85aec6790fdd921ea214eab4355b244993db6dc

    • SHA256

      69704acb95e0b65d6c6378446bee0a75f62f19ef4970961dfcbe0fe62a96ef64

    • SHA512

      1de298d45b9350ca4a475e995a08140bf00a4ddedc3a69305f6f59942fdced7e9aa7927587d9b8b9842c24998d9ff287f6f779247e187cf0b4d0dab69c6fef85

    • SSDEEP

      192:ip4YsQ24t9O2O6HvmKYg8Kx84Lm6E4frUIsog8iyK6AI0sOeg0KGa2JNtxGa3zUc:+

    Score
    8/10
    discoveryexploit

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

1
T1158

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Hidden Files and Directories

1
T1158

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks