b9be935790026004679468c8afdd70fbf3fbed9b85e046dc59377cf3266b5597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Hydrogen Setup.bat
Size

728B
Sample

240522-pgkrxsab7v
MD5

c7930560d45e1446335b12201024a272
SHA1

d4c7cca74cb1361ddfe789d714f4e4b556c94646
SHA256

b9be935790026004679468c8afdd70fbf3fbed9b85e046dc59377cf3266b5597
SHA512

4b60c53b39553513be8e58215b4010d4dd61abb98fcd007fb13909e20cc76891cf2dd9f3993584c078b4ef8334b7e2c119bde7bf2206158eac1033fca0ed9b3d

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Hydrogen Setup.bat
- Size
  
  728B
- MD5
  
  c7930560d45e1446335b12201024a272
- SHA1
  
  d4c7cca74cb1361ddfe789d714f4e4b556c94646
- SHA256
  
  b9be935790026004679468c8afdd70fbf3fbed9b85e046dc59377cf3266b5597
- SHA512
  
  4b60c53b39553513be8e58215b4010d4dd61abb98fcd007fb13909e20cc76891cf2dd9f3993584c078b4ef8334b7e2c119bde7bf2206158eac1033fca0ed9b3d
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2