Overview

overview

9

Static

static

1

DriverFix ...z).bat

windows7-x64

9

DriverFix ...z).bat

windows10-2004-x64

9

Resubmissions

16/03/2024, 13:26

240316-qpndfsdh42 9

16/03/2024, 13:22

240316-ql9saadg74 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    DriverFix - (Kurz).bat

  • Size

    292B

  • Sample

    240316-qpndfsdh42

  • MD5

    2330f1ec12b9069dacc4f5dbc1462f3d

  • SHA1

    5c6470acf9e50b4b32966f382dcaa976ed12f149

  • SHA256

    53af84f89204e7ed5730f3d7ed803bf25bb5bd4dd426be55111e3cca0d2d6fe0

  • SHA512

    bfe78a9bb648afd4b6c8c22f4d0d8e58a7299800db4184cd9e1971ec48792f66d3bedf7d2b5ac835280d8c6e40c2801224189b9005355d14dc4a835fd831ed32

Score
9/10
ransomware

Malware Config

Targets

    • Target

      DriverFix - (Kurz).bat

    • Size

      292B

    • MD5

      2330f1ec12b9069dacc4f5dbc1462f3d

    • SHA1

      5c6470acf9e50b4b32966f382dcaa976ed12f149

    • SHA256

      53af84f89204e7ed5730f3d7ed803bf25bb5bd4dd426be55111e3cca0d2d6fe0

    • SHA512

      bfe78a9bb648afd4b6c8c22f4d0d8e58a7299800db4184cd9e1971ec48792f66d3bedf7d2b5ac835280d8c6e40c2801224189b9005355d14dc4a835fd831ed32

    Score
    9/10
    ransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks