3a7c382e87c2eaa2943cb8f6a4f456f420b95137ddc5d4cd0cff5c3caddaea98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

515d20a1756940930e0a2988452b2beb.bin
Size

2KB
Sample

240719-b7v4pazflh
MD5

1edea37dd40448892d6e4a6fec5fa066
SHA1

b6229fce7979c7d6ec945f76572f6f2dac106db9
SHA256

3a7c382e87c2eaa2943cb8f6a4f456f420b95137ddc5d4cd0cff5c3caddaea98
SHA512

376b9c6c39d65d33940579b3d1b4113af7e3fb67020e5e374325432519737b9416160513368c76dfe615869789eca3450f4ea3d2917c5e51e2b408c127624758

Score

8^/10

execution

Malware Config

Targets

- Target
  
  fb2af323cef6f3784506d325ac0bcd01a8ece462e2a9e0b373b3a4aa0fd61931.bat
- Size
  
  6KB
- MD5
  
  515d20a1756940930e0a2988452b2beb
- SHA1
  
  d1739dfbadb194fe98a550ce02ee1f8693c94d10
- SHA256
  
  fb2af323cef6f3784506d325ac0bcd01a8ece462e2a9e0b373b3a4aa0fd61931
- SHA512
  
  2a2e1f28cfc0bbfc94f898fb1dfe9bcc34a6fcf416dbd36c2e5b9e336bb5daef5acd70e2015b68482bb99604133b79437e3da487679838c22510d3d1bafc95ea
- SSDEEP
  
  96:xzyOGZtqfFWfmF+fRFzmnZv59k/wPYqjqaHHqNKx/5/wPKwQ8rJNAN:x+TZt+F8mgfRsnZvosqasKwKiY
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2