General
-
Target
5623205342853313428.bat
-
Size
10KB
-
Sample
240721-bmsststfrm
-
MD5
15fb0171780a044b55f6eebdcb475d37
-
SHA1
fa3021377ecced794887b3903e7610934d3f1407
-
SHA256
ee13a9bc7f8f60001dd5bdc13fb21cdc5ffe58ec97511f445fd9b78dbdedd551
-
SHA512
a6d9586194f84a52a9543d37381249c036e1617cc3536be520febe3492e643e865666a91662cd916d147e09684942e1518ab3a7aa69f3a8db6d3c9dcaa6f423c
-
SSDEEP
192:8us5mDgVA3JR0O2uElDefMOyxyDoX666teX666JsgJ67ZwofwwGmmB:8usUScT0KUqfMOoy8X666IX666JsgJ64
Malware Config
Targets
-
-
Target
5623205342853313428.bat
-
Size
10KB
-
MD5
15fb0171780a044b55f6eebdcb475d37
-
SHA1
fa3021377ecced794887b3903e7610934d3f1407
-
SHA256
ee13a9bc7f8f60001dd5bdc13fb21cdc5ffe58ec97511f445fd9b78dbdedd551
-
SHA512
a6d9586194f84a52a9543d37381249c036e1617cc3536be520febe3492e643e865666a91662cd916d147e09684942e1518ab3a7aa69f3a8db6d3c9dcaa6f423c
-
SSDEEP
192:8us5mDgVA3JR0O2uElDefMOyxyDoX666teX666JsgJ67ZwofwwGmmB:8usUScT0KUqfMOoy8X666IX666JsgJ64
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-