5ceb8efed431a82fc8064c2df189aebd97a5eb5c681090466562b94af466fd9c | Triage

Sharing

General

Target

104006_31103251_AMST26JUN24_INV.zip
Size

1KB
Sample

240719-hhrhja1ble
MD5

27bdbe38fdbbe472c13dfa8882e6c5f1
SHA1

f8bf83adf13101c49e71f31ec096706a265f2b63
SHA256

5ceb8efed431a82fc8064c2df189aebd97a5eb5c681090466562b94af466fd9c
SHA512

93376b76d5c8f033eb1ede31668b521a7200d78c57810d8c7b965f09b2c2bac9ed066d10e8612ec509dac105ce78daeed99d9b754457a1e0318683f6aecbae62

Score

8^/10

execution

Malware Config

Targets

- Target
  
  60254703205616104.bat
- Size
  
  2KB
- MD5
  
  337804a5238bbba61e5eda47a8f68fe4
- SHA1
  
  7292ffe85ac1841da399780f922092b47a49af83
- SHA256
  
  425bcff3bac627b4f328b01be296d31334c1b095921838c9455a06bd9e23e9f8
- SHA512
  
  c6ca48f73c63f7bd92cb554f5dcc3a7645b6e69863794fc312e33dd8228799e9eb923f6352071f41975a27f54ab314c75be3605fefa58edb7d201c2249b8bf6a
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2