94d49953087405c7217647ddbdbabc0ebe9b81f08b78bd1f19428d9a5d490fad | Triage

Sharing

General

Target

45401207011619030.bat
Size

2KB
Sample

240713-ql79fsvbka
MD5

fa49fc3b6fc27d91af031bf4a49a372b
SHA1

82c299e7a0a08d9056b65c9388a66a79562be30f
SHA256

94d49953087405c7217647ddbdbabc0ebe9b81f08b78bd1f19428d9a5d490fad
SHA512

f44b472828e7c1df7831940b610d9a243e4a041020dd9663906f3f88e4427031faae18041417a99c0ff754f7ff6447c29c225b443277db3a2eda8f39345964fb

Score

8^/10

execution

Malware Config

Targets

- Target
  
  45401207011619030.bat
- Size
  
  2KB
- MD5
  
  fa49fc3b6fc27d91af031bf4a49a372b
- SHA1
  
  82c299e7a0a08d9056b65c9388a66a79562be30f
- SHA256
  
  94d49953087405c7217647ddbdbabc0ebe9b81f08b78bd1f19428d9a5d490fad
- SHA512
  
  f44b472828e7c1df7831940b610d9a243e4a041020dd9663906f3f88e4427031faae18041417a99c0ff754f7ff6447c29c225b443277db3a2eda8f39345964fb
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2