7cd4a2445e1ce0f6c8178c12427bdcd8fff45c70b23a9d99bf8b952df7455f93 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7cd4a2445e1ce0f6c8178c12427bdcd8fff45c70b23a9d99bf8b952df7455f93.bat
Size

2KB
Sample

240715-yjb28swemp
MD5

a201b928ebe01543be085c73437114be
SHA1

c317fcb526eacfd938ea2978f04d7ac122e57d89
SHA256

7cd4a2445e1ce0f6c8178c12427bdcd8fff45c70b23a9d99bf8b952df7455f93
SHA512

93aa16413cb45174dad80477d2f9e374b5c78188f193bd66a636c52d3363da136e9e98cf93451fa034bb5c948c457a69de2b5abea13edb9c67aa50a337a909ff

Score

8^/10

execution

Malware Config

Targets

- Target
  
  7cd4a2445e1ce0f6c8178c12427bdcd8fff45c70b23a9d99bf8b952df7455f93.bat
- Size
  
  2KB
- MD5
  
  a201b928ebe01543be085c73437114be
- SHA1
  
  c317fcb526eacfd938ea2978f04d7ac122e57d89
- SHA256
  
  7cd4a2445e1ce0f6c8178c12427bdcd8fff45c70b23a9d99bf8b952df7455f93
- SHA512
  
  93aa16413cb45174dad80477d2f9e374b5c78188f193bd66a636c52d3363da136e9e98cf93451fa034bb5c948c457a69de2b5abea13edb9c67aa50a337a909ff
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2