a5cbee362537056f02100cc4adf8e1cbb90c7efe4d9bf4859519a75ad971848f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5cbee362537056f02100cc4adf8e1cbb90c7efe4d9bf4859519a75ad971848f.bat
Size

1.2MB
Sample

230612-ghyfeaag69
MD5

16a4591e19ae6c09a2678697c91fe9dd
SHA1

02ede0daea53d13fc1005f495e8bf847255900d4
SHA256

a5cbee362537056f02100cc4adf8e1cbb90c7efe4d9bf4859519a75ad971848f
SHA512

3f247ef7ebe70065e8e7f0c565c2c44d8dcfb744ec51eecbc2a784fe94b76042d832fa58840fe2915e697060d814961ecce7866c7199948fd52795e382db2931
SSDEEP

24576:aJ9pp+K6u+mupLdPfdJ7lzF0Fue86k6y2i+GnO/UTEbuA4eB8dybRSV:46dvtfok6t+O//bNBbRSV

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  a5cbee362537056f02100cc4adf8e1cbb90c7efe4d9bf4859519a75ad971848f.bat
- Size
  
  1.2MB
- MD5
  
  16a4591e19ae6c09a2678697c91fe9dd
- SHA1
  
  02ede0daea53d13fc1005f495e8bf847255900d4
- SHA256
  
  a5cbee362537056f02100cc4adf8e1cbb90c7efe4d9bf4859519a75ad971848f
- SHA512
  
  3f247ef7ebe70065e8e7f0c565c2c44d8dcfb744ec51eecbc2a784fe94b76042d832fa58840fe2915e697060d814961ecce7866c7199948fd52795e382db2931
- SSDEEP
  
  24576:aJ9pp+K6u+mupLdPfdJ7lzF0Fue86k6y2i+GnO/UTEbuA4eB8dybRSV:46dvtfok6t+O//bNBbRSV
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2