d51b466d9bd852e4b463096b9a922fe9e06e75e1258d274b576103498e578c01 | Triage

Sharing

General

Target

klink24.bat
Size

1KB
Sample

231011-zapgmsbg8x
MD5

81b71168a37befd2646587909efa050b
SHA1

965a0db15b5cf77ea3c285d4f49d41b92a3d364d
SHA256

d51b466d9bd852e4b463096b9a922fe9e06e75e1258d274b576103498e578c01
SHA512

55e5a056d70b6799600c28d084593cdbde2eab836b33024d458f00971f03a87a076b760ee6b21913523996d20b695bc7f024eb59e46c03aa253708e5fd62339b

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  klink24.bat
- Size
  
  1KB
- MD5
  
  81b71168a37befd2646587909efa050b
- SHA1
  
  965a0db15b5cf77ea3c285d4f49d41b92a3d364d
- SHA256
  
  d51b466d9bd852e4b463096b9a922fe9e06e75e1258d274b576103498e578c01
- SHA512
  
  55e5a056d70b6799600c28d084593cdbde2eab836b33024d458f00971f03a87a076b760ee6b21913523996d20b695bc7f024eb59e46c03aa253708e5fd62339b
Score

9^/10

evasion
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- Blocklisted process makes network request
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Account Manipulation

Create or Modify System Process

Windows Service

Privilege Escalation

Account Manipulation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2