Overview

overview

8

Static

static

1

1193714209...41.bat

windows7-x64

8

1193714209...41.bat

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    119371420991627841.bat

  • Size

    19KB

  • Sample

    240721-sqaj4aweqj

  • MD5

    aa059d44b5472915f9e91bce65be9a79

  • SHA1

    55c61832ea46fd15b55b8a49794bf58b67c47528

  • SHA256

    bbdb00e5144617f40b197001138047239661540ed4e768d70bf0bf402be58abf

  • SHA512

    9b33e109619fa75cb860ae85479d6d799700dca45db26b13f329b73bf7dbf98dc7c018612f15069764771e27a38084476c9a1aa14ef460291848b75ccbd11ea9

  • SSDEEP

    384:1oJl3RV5dWs+WigBHBzmekck/gmx/YZe1w4vapbAh9Wzr1aGP:GHb10MHBzmFck/zx/YAtibmuaS

Score
8/10
execution

Malware Config

Targets

    • Target

      119371420991627841.bat

    • Size

      19KB

    • MD5

      aa059d44b5472915f9e91bce65be9a79

    • SHA1

      55c61832ea46fd15b55b8a49794bf58b67c47528

    • SHA256

      bbdb00e5144617f40b197001138047239661540ed4e768d70bf0bf402be58abf

    • SHA512

      9b33e109619fa75cb860ae85479d6d799700dca45db26b13f329b73bf7dbf98dc7c018612f15069764771e27a38084476c9a1aa14ef460291848b75ccbd11ea9

    • SSDEEP

      384:1oJl3RV5dWs+WigBHBzmekck/gmx/YZe1w4vapbAh9Wzr1aGP:GHb10MHBzmFck/zx/YAtibmuaS

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks