1c3835314fc932f2ab1bd8b00f6def840ef882be84ef48cf0a42dab7608e5eb9 | Triage

Submit
Reports

Overview

overview

Static

static

1

Eulen Cracked.bat

windows10-2004-x64

Sharing

General

Target

Eulen Cracked.bat
Size

12.5MB
Sample

231105-lqreaaea3y
MD5

1273b42c54ea4d894da5fb5f81a9454e
SHA1

49ea0aa84e26c8ce93ed6b1b2eb5405700e1f130
SHA256

1c3835314fc932f2ab1bd8b00f6def840ef882be84ef48cf0a42dab7608e5eb9
SHA512

e3580996f208f7738dd6a169307acc56ecc6cba656116b7a6ada8843c6008585de055c91d66b61f0f2e53eaf587185225d99dabd2304db8ca57bb33cd17cfd85
SSDEEP

49152:kkMl9ENcSVFUUbJSsgRbTRX+PnDrminNyhNmlkuMEfGqZC4mCEVeLYDcyQ6gHHVV:/

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

Eulen Cracked.bat

Resource

win10v2004-20231023-en

windows10-2004-x64

11 signatures

1200 seconds

Malware Config

Targets

- Target
  
  Eulen Cracked.bat
- Size
  
  12.5MB
- MD5
  
  1273b42c54ea4d894da5fb5f81a9454e
- SHA1
  
  49ea0aa84e26c8ce93ed6b1b2eb5405700e1f130
- SHA256
  
  1c3835314fc932f2ab1bd8b00f6def840ef882be84ef48cf0a42dab7608e5eb9
- SHA512
  
  e3580996f208f7738dd6a169307acc56ecc6cba656116b7a6ada8843c6008585de055c91d66b61f0f2e53eaf587185225d99dabd2304db8ca57bb33cd17cfd85
- SSDEEP
  
  49152:kkMl9ENcSVFUUbJSsgRbTRX+PnDrminNyhNmlkuMEfGqZC4mCEVeLYDcyQ6gHHVV:/
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy