97998df308272da0953a59d56953f582ffa9da166116f6adb98f578b57f1d651 | Triage

Sharing

General

Target

528560175e2f9dcb274cd091efc9171a.bin
Size

2KB
Sample

240719-b75m5azfna
MD5

69ee6369457503eaf015b340889952fb
SHA1

7e77f6aa28a107711a2506efda9d33e12aed99bf
SHA256

97998df308272da0953a59d56953f582ffa9da166116f6adb98f578b57f1d651
SHA512

5c946a6b37d8cbd38e3ae9f706cf615552daf18cd40960718e3c5c960df905cf4db2a0953755c085bbcd31d08254b935aee2f9b7bfbf5640fc6276e28e83f546

Score

8^/10

execution

Malware Config

Targets

- Target
  
  383223685160966714.bat
- Size
  
  6KB
- MD5
  
  40977cc5caaecfa5d995ad31a36be0c7
- SHA1
  
  23e8e797c5f8f9f970befc00499f4d427b786b78
- SHA256
  
  f36e8e2a1ef9cdc5ed41ac6d21803f679104ffad9247c5e18e1b8b0c369d7c2c
- SHA512
  
  63d7eee232869926cbd0b4ec68a022f59604402eaf99345e113f5ab5dc856d55496d22fa9f5c862df75ae3aea946bb58fbf0bcee01d34e23bb8bf837dcf8e889
- SSDEEP
  
  192:7Adyxf9oNjbpjY2edp+YExp+YuoIpvJg+KaweRkoV:7Kmf9oNjbpjY2edp+YExp+YSvqRleRD
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2