General

  • Target

    SA396.zip

  • Size

    1KB

  • Sample

    240719-phstxs1arp

  • MD5

    e6f209c7bb256285ddb62043b652363e

  • SHA1

    b052acaf86e6662186d1a1ff560e1e97a7f20a09

  • SHA256

    4c7740b7d38abe109bdfeceaa02921b6da3e77160b266be218bef1dff12b672f

  • SHA512

    ebaef3381f944ca65f8e469ab00e277cb65c21c0fd3587ae7e5308cc88b53a5c9812a7cd6afc4068bdac5ce65b4a1bf1a139ce7f424f52f4bb06d88305d2e64d

Score
8/10

Targets

    • Target

      16877286262575524007.bat

    • Size

      2KB

    • MD5

      8b14065a4de48df669aca445286310f2

    • SHA1

      c3f9980c9e028a04a1668c7a77c948053f9e9c08

    • SHA256

      02d55e130d3c751d5f4b5759226b2117bcbafd7870f0e3a1b3e1d3b18ccf7224

    • SHA512

      4b33a492a464a9c2164eb84fe2149a0d086f3b6d6a1b75e4b5c90bd5c29be179453e2a96227c6c1117f283e5312faea5252b0ffc0e3380a1494717c912c42e09

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
