00e6a875b09ff4267e6eab289b5dc7e29a0407c0e925d3a13a4bbf468c8b5b39 | Triage

Sharing

General

Target

7773290842190029985.bat
Size

7KB
Sample

240720-ptxbgsygnm
MD5

0d4cc77e136b0f18289e4bc410bea5f4
SHA1

dd49ed497f9a207d1608bd75c71d535025a68028
SHA256

00e6a875b09ff4267e6eab289b5dc7e29a0407c0e925d3a13a4bbf468c8b5b39
SHA512

077ad51465dd9be03f0115313d481450a368809c817b0568457963f983279a6013e4e0f8f0c9b43d024abcd4cd010467fceed8987c0b77f7d6b83e10897678c6
SSDEEP

192:Jyp8OpAuHWNSFCZFiAqfnVZ76CkMqGyaFnvEL:Jyp9AjSYZFiAqfnVZ76CkMqaFnm

Score

8^/10

execution

Malware Config

Targets

- Target
  
  7773290842190029985.bat
- Size
  
  7KB
- MD5
  
  0d4cc77e136b0f18289e4bc410bea5f4
- SHA1
  
  dd49ed497f9a207d1608bd75c71d535025a68028
- SHA256
  
  00e6a875b09ff4267e6eab289b5dc7e29a0407c0e925d3a13a4bbf468c8b5b39
- SHA512
  
  077ad51465dd9be03f0115313d481450a368809c817b0568457963f983279a6013e4e0f8f0c9b43d024abcd4cd010467fceed8987c0b77f7d6b83e10897678c6
- SSDEEP
  
  192:Jyp8OpAuHWNSFCZFiAqfnVZ76CkMqGyaFnvEL:Jyp9AjSYZFiAqfnVZ76CkMqaFnm
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2