Overview

overview

8

Static

static

1

batch.bat

windows10-1703-x64

Resubmissions

08-05-2024 16:02

240508-tg48sace4y 3

08-05-2024 16:00

240508-tfvb7aeg97 8

08-05-2024 15:57

240508-td9dbscc8s 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    batch.bat

  • Size

    80B

  • Sample

    240508-tfvb7aeg97

  • MD5

    109ddb1f24ba8029edf2f840edbe0092

  • SHA1

    e2abcec9131334dd6f305c6fcb24bd2d60ca9547

  • SHA256

    3fdc5210cbf84e65c893a5143edbdd0157d2e80776887ba7de619279675a3cb1

  • SHA512

    436937e4d48c169a4ccbad28af2efaa215122f49db7938a530bc924afda36493789e6be88702cb7d3c3ad217b69527bcb148bebd29047ae3a89a5a798ae5f7c8

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      batch.bat

    • Size

      80B

    • MD5

      109ddb1f24ba8029edf2f840edbe0092

    • SHA1

      e2abcec9131334dd6f305c6fcb24bd2d60ca9547

    • SHA256

      3fdc5210cbf84e65c893a5143edbdd0157d2e80776887ba7de619279675a3cb1

    • SHA512

      436937e4d48c169a4ccbad28af2efaa215122f49db7938a530bc924afda36493789e6be88702cb7d3c3ad217b69527bcb148bebd29047ae3a89a5a798ae5f7c8

    Score
    8/10
    evasionpersistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks