General

  • Target

    2a93f789e9db7989d85f309b704bf7e1a01188f38533ab940f2ae18815bc2158.bat

  • Size

    1.4MB

  • Sample

    240602-bgjb7sde2s

  • MD5

    84a7717ec3d2e7eb453c7e5c2af9b60a

  • SHA1

    21e673e12cf15adb8f35c84de8c2d135eb7f3c75

  • SHA256

    2a93f789e9db7989d85f309b704bf7e1a01188f38533ab940f2ae18815bc2158

  • SHA512

    d67b35fdeee5026e6d49a5e116198ff4256ad063b8e787866243e0352f6da8ce62ce7e7939193bb875290edb455c468f2df29965494c0aa7b6174fcfe49b814d

  • SSDEEP

    24576:BZ1uWUTHs5lGIK6hUTQ4EReqxDePNO0AShwltegOroghMeV+L:BZHy/6ENOTjlZjx

Score
8/10

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks