General

  • Target

    Uni.bat

  • Size

    14.6MB

  • Sample

    231013-c6g14sbb7v

  • MD5

    5e162353f6d4f0d3316785c49590cf47

  • SHA1

    a14a7c2639715020df5a2d84ad21236be8674cb5

  • SHA256

    c5162d43e1479ede6cff08c3aeadb08187475e85315128cdac2d32ffe681c813

  • SHA512

    323f840bf950b4f7a7feec7cd73979018ac2cdf2554e7855a22aca9ef1471eec282d6b56c66136228c8969ee3d0ea195abd587efb3b2746fd35adba1bd0bd5c0

  • SSDEEP

    49152:9aok+ydtT1GNd9t6Qeuu+ZgswnNebCyy14BWxpW25Evp/flH1v4r0KKj5dci0RGs:a

Score
10/10

Targets

    • Target

      Uni.bat

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
