7c596ff13d62e3bb14c72e2869b4e5602c1497397a08736a56335f86d4366f6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

717015525621429236.bat
Size

21KB
Sample

240721-p42zqa1frh
MD5

023fc36b6f674b1bc4e43f742e6437c8
SHA1

59d883150c6c6fbf6c11e9ee2b7b39004607f398
SHA256

7c596ff13d62e3bb14c72e2869b4e5602c1497397a08736a56335f86d4366f6e
SHA512

8540e98652d047412a69c353d493f206ee40a3681ecbf25047c69911b771ae86894f53b2cb33a5a89f2cf7c9bcf9b1bbd00181b32f1fc6ebbcf7af8834b92338
SSDEEP

384:2V17Fr3bUPC9q9PAwZX1uRbss4X9d+23J5YEtWYvA:2V1xzYQtE1PLtc8JBoYo

Score

8^/10

execution

Malware Config

Targets

- Target
  
  717015525621429236.bat
- Size
  
  21KB
- MD5
  
  023fc36b6f674b1bc4e43f742e6437c8
- SHA1
  
  59d883150c6c6fbf6c11e9ee2b7b39004607f398
- SHA256
  
  7c596ff13d62e3bb14c72e2869b4e5602c1497397a08736a56335f86d4366f6e
- SHA512
  
  8540e98652d047412a69c353d493f206ee40a3681ecbf25047c69911b771ae86894f53b2cb33a5a89f2cf7c9bcf9b1bbd00181b32f1fc6ebbcf7af8834b92338
- SSDEEP
  
  384:2V17Fr3bUPC9q9PAwZX1uRbss4X9d+23J5YEtWYvA:2V1xzYQtE1PLtc8JBoYo
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2