Overview

overview

10

Static

static

1

NewPuppy.bat

windows7-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NewPuppy.bat

  • Size

    1KB

  • Sample

    240416-p6pgeaag24

  • MD5

    adc0d01c8d9a715dcbdd0506c623362a

  • SHA1

    3896c3932e00893ac0562ddfadf4f64ad1e52c70

  • SHA256

    1804250d557bbaff17ddd7f55b613622bc55fd8622260f10fe2012c1bc91d88f

  • SHA512

    b1025b218eb793edbe787aba785f51ea3c48a0f104d8cec260ed6d5272cff4aafcb389f455d42fdaf30cba49ded0d375a35c957f2f49a04e40a923cdd63008fd

Score
10/10
discoveryevasionexploittrojan

Malware Config

Targets

    • Target

      NewPuppy.bat

    • Size

      1KB

    • MD5

      adc0d01c8d9a715dcbdd0506c623362a

    • SHA1

      3896c3932e00893ac0562ddfadf4f64ad1e52c70

    • SHA256

      1804250d557bbaff17ddd7f55b613622bc55fd8622260f10fe2012c1bc91d88f

    • SHA512

      b1025b218eb793edbe787aba785f51ea3c48a0f104d8cec260ed6d5272cff4aafcb389f455d42fdaf30cba49ded0d375a35c957f2f49a04e40a923cdd63008fd

    Score
    10/10
    discoveryevasionexploittrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Drops desktop.ini file(s)

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Modify Registry

2
T1112

Impair Defenses

1
T1562

Disable or Modify Tools

1
T1562.001

File and Directory Permissions Modification

1
T1222

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks