General
-
Target
Bat2Exe-main.rar
-
Size
926KB
-
Sample
240228-baxagsfe4y
-
MD5
a68d8d819c0d5218bb8984ad928a8cb1
-
SHA1
575f96b5cd0d8f62ccf7415dfcc2cb19a6ea62f2
-
SHA256
1ba110b17eac396a440060850d992c125eb4ba7acbb3479399170af36cdace6a
-
SHA512
d79380deddc001dd3ba28204498ca2e1896841d025c521fd35576290c86a5b1c70c53b1523f3a1e9de257338ef69045740bf7418bf413b65b189bdacd7e42eac
-
SSDEEP
12288:X/VU1fK7QZu519cVuSziZWjSz9b6aWRMx5z1wQ2CZZDGYEBKPuCxrtHqhoJDBIn:X/qu5QVuSe95Ksh1120EBHCs
Behavioral task
behavioral1
Sample
Bat2Exe-main.rar
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Bat2Exe-main.rar
-
Size
926KB
-
MD5
a68d8d819c0d5218bb8984ad928a8cb1
-
SHA1
575f96b5cd0d8f62ccf7415dfcc2cb19a6ea62f2
-
SHA256
1ba110b17eac396a440060850d992c125eb4ba7acbb3479399170af36cdace6a
-
SHA512
d79380deddc001dd3ba28204498ca2e1896841d025c521fd35576290c86a5b1c70c53b1523f3a1e9de257338ef69045740bf7418bf413b65b189bdacd7e42eac
-
SSDEEP
12288:X/VU1fK7QZu519cVuSziZWjSz9b6aWRMx5z1wQ2CZZDGYEBKPuCxrtHqhoJDBIn:X/qu5QVuSe95Ksh1120EBHCs
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-