Overview

overview

10

Static

static

1

12428727.bat

windows7-x64

10

12428727.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    12428727.7z

  • Size

    463B

  • Sample

    230630-n78e8shh36

  • MD5

    3863830a1922d2c4fcf2ae96993a47ed

  • SHA1

    587d6a0d5f3ee9cf1da04de9027568d8535fc914

  • SHA256

    62be7c9323ace94f92374c8eaff6f33142fbc64bb7c8e48a9113739e5334759f

  • SHA512

    4af0bb2fdea8d13b3daa1627a4123132e1ca06dea78a8198ac0c7efc4d3eea5bac3b17ec0de540cd17d85905dcab07d5b041bc1ff6c317539bd0f1b5ebeb6c8a

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://gsmobile.es/images/media/DVR.png

Targets

    • Target

      12428727.bat

    • Size

      7KB

    • MD5

      9ac605a0cc5d7fe8f123c9b96dca1014

    • SHA1

      27b3ee942bd67f0f8463760c8932395225a92de7

    • SHA256

      4380eb32f4092711e2b228556fd688209d97bcefa61cf85ef2cf80e391d41419

    • SHA512

      44bf5ba7aa91d1a891aed4f4694c92b0d6b761a9e85f19bc44fa43d517d41073cef383efccf2153224b05e5a565c56fba3cdffe1606d5b598ffb04ba515e54ab

    • SSDEEP

      192:xzLMzL4zLazLszLgzLjzLozL4zLfzLkjzLSzLxzLc:xzLMzL4zLazLszLgzLjzLozL4zLfzLId

    Score
    10/10

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks