General

  • Target

    open_me.bat

  • Size

    782B

  • Sample

    240601-y5hf5sef86

  • MD5

    9b2d0b925383eab50805e2a72af79c05

  • SHA1

    71407bba07f689a1d0da624a4882828af8fe270c

  • SHA256

    02848efc25c47d460a92ab67f2a2da176fa21f6eec3deb1091bd5f154cfafed6

  • SHA512

    1f11c576c5248e979d14f096a21caa05153115e8717dd65a23c9b36a0c75ce34f718fa066b0934e7493f73fa26259bb4816c837f25dbd207343b918908fd0e31

Score
8/10

Malware Config

Targets

    • Target

      open_me.bat

    • Size

      782B

    • MD5

      9b2d0b925383eab50805e2a72af79c05

    • SHA1

      71407bba07f689a1d0da624a4882828af8fe270c

    • SHA256

      02848efc25c47d460a92ab67f2a2da176fa21f6eec3deb1091bd5f154cfafed6

    • SHA512

      1f11c576c5248e979d14f096a21caa05153115e8717dd65a23c9b36a0c75ce34f718fa066b0934e7493f73fa26259bb4816c837f25dbd207343b918908fd0e31

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks