60fdf3faa45afba1ae3eedd2c907823df09d2d48a00cc24422359b9ed36cc7e2 | Triage

Sharing

General

Target

87701998988115993.bat
Size

2KB
Sample

240714-ld769sxdjf
MD5

96dec0bde26cb384fc11ebf3abe436a5
SHA1

75704fa12f453dfb24a10400698117b1998f96ad
SHA256

60fdf3faa45afba1ae3eedd2c907823df09d2d48a00cc24422359b9ed36cc7e2
SHA512

840bb85749ef08699f216f7012e92777d78582f0e3caa2641c250e0df346cc49690576a9fa5d198717c9b36a427a741008f0bdc664a30c2666f223db8074dfac

Score

8^/10

execution

Malware Config

Targets

- Target
  
  87701998988115993.bat
- Size
  
  2KB
- MD5
  
  96dec0bde26cb384fc11ebf3abe436a5
- SHA1
  
  75704fa12f453dfb24a10400698117b1998f96ad
- SHA256
  
  60fdf3faa45afba1ae3eedd2c907823df09d2d48a00cc24422359b9ed36cc7e2
- SHA512
  
  840bb85749ef08699f216f7012e92777d78582f0e3caa2641c250e0df346cc49690576a9fa5d198717c9b36a427a741008f0bdc664a30c2666f223db8074dfac
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2