General

  • Target

    77da25eafac119acdf796759f2342b4c2ac0b3467d33da4f1c08433a51599502

  • Size

    1.0MB

  • Sample

    231021-mvb1tsec2v

  • MD5

    ff63bf270093b985bad0a9207247aee6

  • SHA1

    2db806aac05059171f7aadee6defef9a9e069e97

  • SHA256

    77da25eafac119acdf796759f2342b4c2ac0b3467d33da4f1c08433a51599502

  • SHA512

    e7a58dda0319edf7354683376a575c3e0f6734ab9b262bf8091cceaf625d1fd36f4bfbd305d8e3ffbef0103414ae518573ffb0517e77a4a700066159b39bb05e

  • SSDEEP

    24576:d6rDK9MEjp68XMEbJbrbKSLhf2mI6H1jGY8xq5vxfv:KmthVbJbrxh5jHQY8xq55fv

Score
7/10

Targets

    • Target

      Bat2Exe/Bat2Exe.exe

    • Size

      470KB

    • MD5

      2e08f8ee999770a68bad99352762c5e2

    • SHA1

      37c7500f027973c36e9e142ce9c51e40680c05b1

    • SHA256

      b3989774a1463e90d139419ac9ebd0ad02f913fbf677fe1fa1e1702fe61816e7

    • SHA512

      f2fef37ef8499141186ffc0f849ca14bca597e373bb4a80c8698bb1099a445bcd3585759990e2a5ee271ad29d0aa80e15dcf4197850187d37f32a9b0549a45e3

    • SSDEEP

      6144:NPd1bapJl0uBBY+RePP+RiC72l0uBBY+RePP+Ri:NPdYpA+Qyj+Q

    • Score

      7/10

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Target

      Bat2Exe/Guna.UI2.dll

    • Size

      2.0MB

    • MD5

      f217e8054b7dbbcbd4ab10baf4750588

    • SHA1

      b1c3089e6b895e6415c36beb82516746e19d2b55

    • SHA256

      6a542d4e68417d91d0a21f9e5b85449959325b29e2410c3ef1df7526dd091194

    • SHA512

      ba778f3c3819364954b6681bbdb87cf9ca2c34d8b0e6e76df665a2d93a94c9b421893a977960d24a908bc9b7209749fee65c930ef0776a0195265193846fe56e

    • SSDEEP

      24576:d+NEfBpDsH/bTIRPZyiXeq+Tc7XRbF+TSgkrwf9Pa3oZm8jqG4LEx1npSBeX673f:dB9+OgRpUwXpUeXQq5dn

    • Score

      1/10

    • Target

      Bat2Exe/NDesk.Options.dll

    • Size

      21KB

    • MD5

      da56f1211f7dec41913719b608c95424

    • SHA1

      1314d264c8e8dbacae4512710c92875d61957750

    • SHA256

      800c0ae0f2acc15be2c89528fe78cea7400799d44ff14cb5a1251371f20c8982

    • SHA512

      9e671cf6199ebe9093aa29d3a4186d6f406e1c23c5efb18d1cc4ae07ad32d0f945b10f180249aceee1b9b555c3504cdeae67699cb3f2dfe7e78c8bb1ec676a8c

    • SSDEEP

      384:OpTFFjdfOi2SWJFOGa3LAxU7BZHQ80ncxBWXc65hNwNjjVokOkdanK4c4:UF1dO33OGru7vNHVoFSaY4

    • Score

      1/10

    • Target

      Bat2Exe/bytepress.exe

    • Size

      72KB

    • MD5

      4478768f7aac1f0522bfb245a7e30a6e

    • SHA1

      e929cf09204ff0880301ac64ac3cc2522799f51e

    • SHA256

      128867d612cd9677f253a7240f72f25c487dbcdea183c8c23e2dcfa6ec3d95b4

    • SHA512

      52d31eb1dd42949adf0023adeaeff4bcd32ca7f7eb3ce235c7aa0f9550d112f9679873a6e67449f8772699ffbaf9eedccd07c73113c1327c8ee12479831d0ed8

    • SSDEEP

      1536:QzHUFWCmqbt3GBLONP/ESq+6HVXFjqCd5jJUc+OUEYbHQhiTxyeFS5ssO:uyPmiZG2P/ESqJVXFjqCzUEYbHT+I

    • Score

      1/10

    • Target

      Bat2Exe/bytepress.lib.dll

    • Size

      43KB

    • MD5

      f957fd7dc22e1c86624840058ad26bf5

    • SHA1

      a1838096add353944fbc718e6adcfbacb2446bbc

    • SHA256

      296c574bafa02595a47bb3107f4c9321f2f0eaaa159cd5d1ad414e9ef6870afc

    • SHA512

      5c5edb71bca4c5338be586b2c490d5a709f6d13f28a31c080cc503f46cffa33ad758d9daa9929f64044297313244cb59c2f6b7a9ffbd5ef19324b0f5494ab0a9

    • SSDEEP

      768:arUwl0PX2aFFGCCNguRIY5e6+cs0ckRakJIIViE6KgBFtNYneKJThAXJE+9rAuUd:arlM3CguRIY5e6+cs0ckRakJIIVi7Bhm

    • Score

      1/10
