837e6794ba0ffd85a04dd11fbad44f1f1dd826b837cd3c69de0940991c603fd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Loader.bat
Size

5KB
Sample

240708-wgqrha1cnk
MD5

140860f79eb0be63565c83855139fb03
SHA1

5c75a4987bb9370a128034bc325efd5bc30eb861
SHA256

837e6794ba0ffd85a04dd11fbad44f1f1dd826b837cd3c69de0940991c603fd2
SHA512

5a6a271a7a45e8256f660014164ae88285baddea80e5bb254e0529ecce515d3a4f8b9c52d4e917f01603e33baf9dc3cc7e109c1f83514374f50db49d8b6c904c
SSDEEP

6:pFLT81R3KozLh8X02m9Mandasm97mopAasnoNJr:L81kyGk2m91csm95pAasnaJr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Loader.bat
- Size
  
  5KB
- MD5
  
  140860f79eb0be63565c83855139fb03
- SHA1
  
  5c75a4987bb9370a128034bc325efd5bc30eb861
- SHA256
  
  837e6794ba0ffd85a04dd11fbad44f1f1dd826b837cd3c69de0940991c603fd2
- SHA512
  
  5a6a271a7a45e8256f660014164ae88285baddea80e5bb254e0529ecce515d3a4f8b9c52d4e917f01603e33baf9dc3cc7e109c1f83514374f50db49d8b6c904c
- SSDEEP
  
  6:pFLT81R3KozLh8X02m9Mandasm97mopAasnoNJr:L81kyGk2m91csm95pAasnaJr
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1