3d5b60120ceeed074410204dddf41294993446da6fe6b77e39ee0f0e7aab3484 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

agpa.bat
Size

8KB
Sample

231127-24axfsdf5v
MD5

0496226b32b55b4943f0e8b5a5b16f82
SHA1

5343d68e81669cfa732e5d03287f4e51e8b5bb92
SHA256

3d5b60120ceeed074410204dddf41294993446da6fe6b77e39ee0f0e7aab3484
SHA512

1c2fadeb41cd7f9da624b833c8e845905beaf65635ac56c46f9a43b89cf11a610073303ad22c3362dc28e5d177ff92e7815eb7d6c5bcfc528f3b9aa0a17b6818
SSDEEP

192:tFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:p

Score

7^/10

Malware Config

Targets

- Target
  
  agpa.bat
- Size
  
  8KB
- MD5
  
  0496226b32b55b4943f0e8b5a5b16f82
- SHA1
  
  5343d68e81669cfa732e5d03287f4e51e8b5bb92
- SHA256
  
  3d5b60120ceeed074410204dddf41294993446da6fe6b77e39ee0f0e7aab3484
- SHA512
  
  1c2fadeb41cd7f9da624b833c8e845905beaf65635ac56c46f9a43b89cf11a610073303ad22c3362dc28e5d177ff92e7815eb7d6c5bcfc528f3b9aa0a17b6818
- SSDEEP
  
  192:tFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:p
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2