General
Target: SpotXBasic.bat
Size: 428B
Sample: 230316-rksytade3s
MD5: 86051a369086cf1fea76a3afc5372b7b
SHA1: 3b787fad5b363a3193b295ce422b496892463f02
SHA256: 433b9c9d8ca325e6a58098480d9ea9193ef87ebd7275a6f4e81271f4e2220566
SHA512: 8e71253ea3e27560e84613f1b4313b031711601fc5c1caedc6e8519146bdf93640351af3c24266699abba3a1e7dea6932e088557b8734705def73eda87e03b3f
Static task
static1
Malware Config
Targets
Target: SpotXBasic.bat
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2