9d67631cce10784d6f59eff3308ce3ebec10d91fd6c596312774ce476047cc07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

830159031716626109.bat
Size

2KB
Sample

240715-glbe2stgjb
MD5

c55c680d2371a4cb58b7bb7b8dd6aea5
SHA1

829810108d76e795756e4b465ef84d91f91312c1
SHA256

9d67631cce10784d6f59eff3308ce3ebec10d91fd6c596312774ce476047cc07
SHA512

221b79dce0fc093aadd3a25229ec61873cade0832527d49018ce1d31f798a930d20605855056654068669556c1e95e204fdf0c16aef9a510a9675d75aa91156f

Score

8^/10

execution

Malware Config

Targets

- Target
  
  830159031716626109.bat
- Size
  
  2KB
- MD5
  
  c55c680d2371a4cb58b7bb7b8dd6aea5
- SHA1
  
  829810108d76e795756e4b465ef84d91f91312c1
- SHA256
  
  9d67631cce10784d6f59eff3308ce3ebec10d91fd6c596312774ce476047cc07
- SHA512
  
  221b79dce0fc093aadd3a25229ec61873cade0832527d49018ce1d31f798a930d20605855056654068669556c1e95e204fdf0c16aef9a510a9675d75aa91156f
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2