General

  • Target

    OP Menu Injector.bat

  • Size

    19KB

  • Sample

    230806-jmycbagd39

  • MD5

    8db3e65351bbb84cb342decb769150c1

  • SHA1

    68dfc5c39cfa93744b44cf03fb1e49c98157636a

  • SHA256

    c51fc452ed83b0cebf59d62c9a81217e86e947b807cc323dd2f0459bf621a7d4

  • SHA512

    a01e7516f144a97e28130dc0d324cecf8ecdeb273ffdceefad668dd3c7489f46fa4e0c0e4c7c08999f1238d64719d38b633093c2c159d9cfd92f591a82711fae

  • SSDEEP

    384:WGstbMSdVAg9120aNEkidYGxQYUfPt7GusKrTt2OoXatpM:WjCDfNENYGxQYUfPt7GusKrTtHoXatpM

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://discord.com/api/webhooks/1137601225928486912/C356FRtlCF6a-LVmDsvwOXijO8f8bkdZubw284UsH1Fc414nHlNVIuSfE18HxKc-N3_F

Targets

    • Target

      OP Menu Injector.bat

    • Size

      19KB

    • MD5

      8db3e65351bbb84cb342decb769150c1

    • SHA1

      68dfc5c39cfa93744b44cf03fb1e49c98157636a

    • SHA256

      c51fc452ed83b0cebf59d62c9a81217e86e947b807cc323dd2f0459bf621a7d4

    • SHA512

      a01e7516f144a97e28130dc0d324cecf8ecdeb273ffdceefad668dd3c7489f46fa4e0c0e4c7c08999f1238d64719d38b633093c2c159d9cfd92f591a82711fae

    • SSDEEP

      384:WGstbMSdVAg9120aNEkidYGxQYUfPt7GusKrTt2OoXatpM:WjCDfNENYGxQYUfPt7GusKrTtHoXatpM

    Score
    10/10
    • Blocklisted process makes network request

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks