General

  • Target

    4ukpag0ymmbat.bat

  • Size

    12.7MB

  • Sample

    230705-npw99abh38

  • MD5

    a6eb306f1a365c355e0db7cf5516019c

  • SHA1

    3825d2a7c41c8c8ed6d646741ad42343d94fa5de

  • SHA256

    4e1e20c34301d329fb9f36d346464ef839dc9619646c5f3c26d7510e9ca51811

  • SHA512

    2ea9ffdfed9bad624e235022b011fb76bb4270c73a564ce11e130b6005cfa63b93b7d9c9931afebc213bf4ad20e493d0405a457e3a58aa84bdd5a646596d0412

  • SSDEEP

    49152:+FgeGtxeM/etcJW4EQsw9n/udfp1V7HlAQ5uYv0JIloBhA20R0VEflHvfrM2+nxn:T

Score
10/10

Targets

    • Target

      4ukpag0ymmbat.bat

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
