Sample
https://cdn.discordapp.com/attachments/979384913834938368/1243633677062111294/0_Delay.bat?ex=66522f9e&is=6650de1e&hm=c314ecde3dedeab2fdae681e6f1323f78e13f799629c6b66f6166967bd4552e4&
Resource
win10v2004-20240508-en
Target
https://cdn.discordapp.com/attachments/979384913834938368/1243633677062111294/0_Delay.bat?ex=66522f9e&is=6650de1e&hm=c314ecde3dedeab2fdae681e6f1323f78e13f799629c6b66f6166967bd4552e4&
- Modifies security service
- Modifies visibility of file extensions in Explorer
- Turns off Windows Defender SpyNet reporting
- Modifies boot configuration data using bcdedit
- Modifies Installed Components in the registry
- Sets file execution options in registry
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
- Create or Modify System Process: 2
  - Windows Service: 2
- Boot or Logon Autostart Execution: 2
  - Registry Run Keys / Startup Folder: 2

Privilege Escalation
- Create or Modify System Process: 2
  - Windows Service: 2
- Abuse Elevation Control Mechanism: 1
  - Bypass User Account Control: 1
- Boot or Logon Autostart Execution: 2
  - Registry Run Keys / Startup Folder: 2

Defense Evasion
- Modify Registry: 9
- Impair Defenses: 3
  - Disable or Modify Tools: 3
- Hide Artifacts: 1
  - Hidden Files and Directories: 1
- Abuse Elevation Control Mechanism: 1
  - Bypass User Account Control: 1