5d247b3658b87ae5c468451740643f7ca686cbf2d8a45d8f6bc11d12c3372c06 | Triage

Sharing

General

Target

5d247b3658b87ae5c468451740643f7ca686cbf2d8a45d8f6bc11d12c3372c06.bat
Size

2KB
Sample

240713-mbrl6syfpg
MD5

9df503acd64eed2a008f3cb255416fbc
SHA1

3953b57b7e4a6fe003799c19047b74a51584c69a
SHA256

5d247b3658b87ae5c468451740643f7ca686cbf2d8a45d8f6bc11d12c3372c06
SHA512

aa69e1db429e8d973146badf8e58ab637635a1824208a03b5851f4e8af6a44e7b8efa94edfcaf7d66f471e0911b8ad05059c75cfd318d5c69dc9422a827f0ea8

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5d247b3658b87ae5c468451740643f7ca686cbf2d8a45d8f6bc11d12c3372c06.bat
- Size
  
  2KB
- MD5
  
  9df503acd64eed2a008f3cb255416fbc
- SHA1
  
  3953b57b7e4a6fe003799c19047b74a51584c69a
- SHA256
  
  5d247b3658b87ae5c468451740643f7ca686cbf2d8a45d8f6bc11d12c3372c06
- SHA512
  
  aa69e1db429e8d973146badf8e58ab637635a1824208a03b5851f4e8af6a44e7b8efa94edfcaf7d66f471e0911b8ad05059c75cfd318d5c69dc9422a827f0ea8
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2