b7ee151e31e158c02ae103895bec9263772ac05bd02e3494d66ebf32c197af67 | Triage

Sharing

General

Target

1853118517409721225.bat
Size

15KB
Sample

240719-1h1qbavcpb
MD5

a9c8fd50ce84957848da0bdd5cce785e
SHA1

c1ef2159a0f94be4201969819e98ab5c78f50089
SHA256

b7ee151e31e158c02ae103895bec9263772ac05bd02e3494d66ebf32c197af67
SHA512

c816312a9a022313c4d33480ec71f444bf181bace5735087defa75c759f67f28340fb95c647ae5846dcafe12271f58722b26dedeec10a5ae8319eaa834d128dc
SSDEEP

384:4/E2RpQF+4ynxi+VHvaD6D6JbhjHYzqML0Tl9QattoaYSaLATH80LGkmETNa:0RG+ZnxiIHvaD6D6Vcm77YSamH5LGkmj

Score

8^/10

execution

Malware Config

Targets

- Target
  
  1853118517409721225.bat
- Size
  
  15KB
- MD5
  
  a9c8fd50ce84957848da0bdd5cce785e
- SHA1
  
  c1ef2159a0f94be4201969819e98ab5c78f50089
- SHA256
  
  b7ee151e31e158c02ae103895bec9263772ac05bd02e3494d66ebf32c197af67
- SHA512
  
  c816312a9a022313c4d33480ec71f444bf181bace5735087defa75c759f67f28340fb95c647ae5846dcafe12271f58722b26dedeec10a5ae8319eaa834d128dc
- SSDEEP
  
  384:4/E2RpQF+4ynxi+VHvaD6D6JbhjHYzqML0Tl9QattoaYSaLATH80LGkmETNa:0RG+ZnxiIHvaD6D6Vcm77YSamH5LGkmj
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2