79488aecf47e3d0722bd47a6a85042eec151c41a7dfe49e72796e5929bd565b6 | Triage

Sharing

General

Target

2548871112584911085.bat
Size

16KB
Sample

240719-jhsw2azbjq
MD5

53a1764f4250fd1671d481fe6e28f395
SHA1

a1466bd77d75acf0ac304e993d56fcfc5d38ecc1
SHA256

79488aecf47e3d0722bd47a6a85042eec151c41a7dfe49e72796e5929bd565b6
SHA512

74e0b7c85bd43502e5ed99d9b812f494d209afa919ab0cca43d9fcfce94c0fa4dccaeb0b21b3d8df432fa80ff025f042d463e35cf9035e444ade874ee76868f2
SSDEEP

384:PsdWvDIvtS6/KLJoIJXgqQDmdF/0SR0WsK:PG4hLO6Xyydx7R0WsK

Score

8^/10

execution

Malware Config

Targets

- Target
  
  2548871112584911085.bat
- Size
  
  16KB
- MD5
  
  53a1764f4250fd1671d481fe6e28f395
- SHA1
  
  a1466bd77d75acf0ac304e993d56fcfc5d38ecc1
- SHA256
  
  79488aecf47e3d0722bd47a6a85042eec151c41a7dfe49e72796e5929bd565b6
- SHA512
  
  74e0b7c85bd43502e5ed99d9b812f494d209afa919ab0cca43d9fcfce94c0fa4dccaeb0b21b3d8df432fa80ff025f042d463e35cf9035e444ade874ee76868f2
- SSDEEP
  
  384:PsdWvDIvtS6/KLJoIJXgqQDmdF/0SR0WsK:PG4hLO6Xyydx7R0WsK
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2