7130aff0782682c0297cedfb48d272fd43272e6351d3d262e896c91d61633712 | Triage

Sharing

General

Target

3047230422319930509.bat
Size

2KB
Sample

240715-g8cavsvgne
MD5

4a654e3c72b2741ff12d900096d03ca3
SHA1

67508113ea949801af4a858db3a37edd06dfa004
SHA256

7130aff0782682c0297cedfb48d272fd43272e6351d3d262e896c91d61633712
SHA512

4368018e102e6a44aee2ede9979e87e6668d55be60862049ce34c976563ea333b26d5c425cdf6ac24a1f30551b8c54ef29f338fa814dc2b5b6b568904ce18642

Score

8^/10

execution

Malware Config

Targets

- Target
  
  3047230422319930509.bat
- Size
  
  2KB
- MD5
  
  4a654e3c72b2741ff12d900096d03ca3
- SHA1
  
  67508113ea949801af4a858db3a37edd06dfa004
- SHA256
  
  7130aff0782682c0297cedfb48d272fd43272e6351d3d262e896c91d61633712
- SHA512
  
  4368018e102e6a44aee2ede9979e87e6668d55be60862049ce34c976563ea333b26d5c425cdf6ac24a1f30551b8c54ef29f338fa814dc2b5b6b568904ce18642
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2