fc0b2dc495e57769f7e29ee3b71d3930b85a3ab0ad2a44c022501d2fa7101299 | Triage

Resubmissions

14/07/2024, 02:46

240714-c9b92atepl 8

Sharing

General

Target

14871121613120314923.bat
Size

2KB
Sample

240714-c9b92atepl
MD5

0d08ba9e484cc158320153b3a1dc6e2d
SHA1

5419129ee86013e62865985c62b62a4ef2626ec6
SHA256

fc0b2dc495e57769f7e29ee3b71d3930b85a3ab0ad2a44c022501d2fa7101299
SHA512

4e2be27781fee03bcc5daedf440a57755f0994927a21de30812892c5e701841df492d03f09869216206c0856c86c2268d8a3e338932f1bd1bd0860d8b00d0ebb

Score

8^/10

execution

Malware Config

Targets

- Target
  
  14871121613120314923.bat
- Size
  
  2KB
- MD5
  
  0d08ba9e484cc158320153b3a1dc6e2d
- SHA1
  
  5419129ee86013e62865985c62b62a4ef2626ec6
- SHA256
  
  fc0b2dc495e57769f7e29ee3b71d3930b85a3ab0ad2a44c022501d2fa7101299
- SHA512
  
  4e2be27781fee03bcc5daedf440a57755f0994927a21de30812892c5e701841df492d03f09869216206c0856c86c2268d8a3e338932f1bd1bd0860d8b00d0ebb
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2