Overview

overview

7

Static

static

1

BatchPatch.exe

windows7-x64

1

BatchPatch.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BatchPatch.exe

  • Size

    3.7MB

  • Sample

    230324-k1mcmsfd7y

  • MD5

    a193084d7473903c7e5ee9e2c4b7def7

  • SHA1

    8466b95167905a694ae02f84d6fb7f754c6995ee

  • SHA256

    31e7775f9a9b7b27d0d24660040d90ce927362e87a19dbdc0c1e646529474dfa

  • SHA512

    2c9e8ef32002d67ee62a65d5122f5a65182a9da15f07a12719e9f3f7c00ac3e9aae07c88b6953b06fff81a60ba162688536970d6ac3a4c3586104487eec55bca

  • SSDEEP

    49152:kh4JycxKB+AnwoR01gYDmIByjsoIhO2g3Wyk:kaYcx6+Ag1gYPyRIhO2gmn

Score
7/10
microsoftphishing

Malware Config

Targets

    • Target

      BatchPatch.exe

    • Size

      3.7MB

    • MD5

      a193084d7473903c7e5ee9e2c4b7def7

    • SHA1

      8466b95167905a694ae02f84d6fb7f754c6995ee

    • SHA256

      31e7775f9a9b7b27d0d24660040d90ce927362e87a19dbdc0c1e646529474dfa

    • SHA512

      2c9e8ef32002d67ee62a65d5122f5a65182a9da15f07a12719e9f3f7c00ac3e9aae07c88b6953b06fff81a60ba162688536970d6ac3a4c3586104487eec55bca

    • SSDEEP

      49152:kh4JycxKB+AnwoR01gYDmIByjsoIhO2g3Wyk:kaYcx6+Ag1gYPyRIhO2gmn

    Score
    7/10
    microsoftphishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks