b181a84f7b7b12cabba8892516f6231b03b2e6fbc6606e5d963245b0b008bff3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rapy test3.bat
Size

1KB
Sample

240420-qw1blahh34
MD5

d1d7ebf05e30624aa347220c87f1867c
SHA1

b7ec396415e2d226c08dd3058fdf9e179939795e
SHA256

b181a84f7b7b12cabba8892516f6231b03b2e6fbc6606e5d963245b0b008bff3
SHA512

29509b75710e99f7083dfb6afb61c4b875190ce9043f199224950aaabf34df3c4afe5d9866f6ed3c2cf679ebac6179f402eab18b3bf3fffe33b26ba85355cd59

Score

6^/10

Malware Config

Targets

- Target
  
  rapy test3.bat
- Size
  
  1KB
- MD5
  
  d1d7ebf05e30624aa347220c87f1867c
- SHA1
  
  b7ec396415e2d226c08dd3058fdf9e179939795e
- SHA256
  
  b181a84f7b7b12cabba8892516f6231b03b2e6fbc6606e5d963245b0b008bff3
- SHA512
  
  29509b75710e99f7083dfb6afb61c4b875190ce9043f199224950aaabf34df3c4afe5d9866f6ed3c2cf679ebac6179f402eab18b3bf3fffe33b26ba85355cd59
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3