General

Target: Bat2Exe.zip
Size: 1.0MB
Sample: 240229-1n7e2sdh86
MD5: b66cb33c6223d724339fe60be8bf2b43
SHA1: 215fb0a46565c13059be931e5ca0f64d6a427f8b
SHA256: 7c297b579944c1dccec3d655f6c84e25122eaf8c73b5e5cc8c92429fee32d19d
SHA512: 8fdc3e2e7882a82eda3006a3c7a19336f8defb0e9930ae3b172f814b356cada4636731d700a3e31f209c5c20a0310c5def5a0c71f22db3cb41c94e6659201db3
SSDEEP: 24576:d6rDK9MEjp68XMEbJbrbKSLhf2mI6H1jGY8xq5vxf3:KmthVbJbrxh5jHQY8xq55f3

Behavioral task

Task: behavioral1
Sample: Bat2Exe/Bat2Exe.exe
Resource: win10v2004-20240226-en

Malware Config
Targets

Target: Bat2Exe/Bat2Exe.exe
Size: 470KB
MD5: 2e08f8ee999770a68bad99352762c5e2
SHA1: 37c7500f027973c36e9e142ce9c51e40680c05b1
SHA256: b3989774a1463e90d139419ac9ebd0ad02f913fbf677fe1fa1e1702fe61816e7
SHA512: f2fef37ef8499141186ffc0f849ca14bca597e373bb4a80c8698bb1099a445bcd3585759990e2a5ee271ad29d0aa80e15dcf4197850187d37f32a9b0549a45e3
SSDEEP: 6144:NPd1bapJl0uBBY+RePP+RiC72l0uBBY+RePP+Ri:NPdYpA+Qyj+Q
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.