Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
THE GAME.bat
Resource
win10v2004-20240508-en
2 signatures
150 seconds
General
-
Target
THE GAME.bat
-
Size
9KB
-
MD5
9502594ff3825cb8099b53c7b0c5fb5f
-
SHA1
b6c54589a166c65e6e3f9aae4893748f4d7bcf4b
-
SHA256
46b4a5fb8089d1437fc712aec8b999caa34ae8644e9c3d1cc5ff8990c19a4109
-
SHA512
7e61d83c4ef2ba84fd955033e7b6ea961dc17ebd98e92a005c9aa8474985c3c4123a1c87348d25cf7705f2cf687a4bf9459374918c6fede8622c83c385b50cf5
-
SSDEEP
192:5eR/b5lTseT5skMiCNRWzWUCNRWzWnMT3RV3yqZZlo0o/hr+pMnKFYjq2eiwAu63:5eRn1MiCO6UCO6nMTBV3yqZZej/hr+pK
Score
7/10
Malware Config
Signatures
-
Checks for this command that runs a batch skript as administrator: net session >nul 2>&1 || (powershell start -verb runas '"%~0"' &exit /b) 1 IoCs
The Command is used in malicious skripts to make shure they are run as Administrator.
resource yara_rule sample DetectNetSessionCommand_FA
Files
-
THE GAME.bat.bat .vbs