General

  • Target

    start.bat

  • Size

    11.6MB

  • Sample

    230317-k1234ahc81

  • MD5

    fdebc31d302fb508a7c1b223a3b8d7f4

  • SHA1

    5fccf3979a009a009fb9b1b593b6ce6a77b0f158

  • SHA256

    54d1c72c20e28523905ad332118a19c5b822e50541b6fef3a0fa922112a345ff

  • SHA512

    4684f2a40a30def5a08621d628a2abd4dc58ced08e9a5ee3b4d6890e0e5c836c1677a6b9d56b902fceea28b1a9e8e298345cc1ae521999eee69e715638eb9887

  • SSDEEP

    49152:U9zvZYrh/s7QxslG8Bvl0YfLOkHlIewIrEnr9PVvBxPqHSNji+bxle+UtXjkE34J:l

Score
10/10

Malware Config

Targets

    • Target

      start.bat

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks