ac71d7bd4efd05727655e3d4c393127c98cac1ed92de44244e54e1ccfdf0aa0c | Triage

Sharing

General

Target

a95e98fee23be3e41de39416002ff9dc.bin
Size

5KB
Sample

240719-dvvnhatdpf
MD5

1a8c04cb419ae891cca5ea5f00720618
SHA1

43f522a412f123500bd0bedd196762995ef2acb2
SHA256

ac71d7bd4efd05727655e3d4c393127c98cac1ed92de44244e54e1ccfdf0aa0c
SHA512

7f35e29198f20eaa7b46c3c7ca894d0fa5ce93abcfb8a13f111cb1a7a1bc3065870d11483a8d143f39a53a9f2895c418c0e4ec5c42ea3ebe8864ff5791efeb74
SSDEEP

96:k5aYNaHJbqKgOwqvxt8jbLokKg2mGgg4kQ8kfHQ2hHp6zb/3Hlck8jkS56j9ctTA:k512hoqJtgLrgmZhkQ8+5HpaLazmj9K8

Score

8^/10

execution

Malware Config

Targets

- Target
  
  3255529665177125468.bat
- Size
  
  13KB
- MD5
  
  dc72e34d3bf4fb003a13bee0ddf47011
- SHA1
  
  e158a8570a7de5f8e6972fd8f371de2edf1b8e7c
- SHA256
  
  368ec195b1915f7d0c3b6b3d0893be9d2f3df3b3d7804fcba2e9f2808c66fb42
- SHA512
  
  9ddda0b936b3818b7c090a2afba1cf4f9fbf24edcf59bab70f419fa960c3c24e4988e716b2420d7693cf7fc058b6e3e5036dd4ac4c9ec3c60ad85b9e4bf3d9ea
- SSDEEP
  
  192:bipb3Y96mj7Cfr8v4si1klsBcJFM7f2X2Vj0mcSkXGt0SAzL0x:e3Nh8vTi1kSCJiwyju2t0Vk
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2