8500b5ebf6a2940bc6217c87acc11c6464520179bdf1c93fee2d61c27fd1a868 | Triage

Sharing

General

Target

7576289933203012142.bat
Size

10KB
Sample

240721-ycjhqs1ejf
MD5

7937d77f7cb47a6ac14b9d2afa8006a1
SHA1

5c79c1f3a90e8a191dcca47b495aa0f44b9bbc52
SHA256

8500b5ebf6a2940bc6217c87acc11c6464520179bdf1c93fee2d61c27fd1a868
SHA512

60436f787877e2cb9c2081b44764593571847f5c151ab8fbc41bb5016d48c1e9cf6fef399c7f651cddb31ad0aa1732f94705ef63dfd36bf4b5cafd7b79da052f
SSDEEP

192:UrTBJ8O3LiOhXJsVkZ1urna6KZfcMbY60a+zSr6zivzmYTjnJB:qDt3LZXJoFrnatZEAY60a/7m+jJB

Score

8^/10

execution

Malware Config

Targets

- Target
  
  7576289933203012142.bat
- Size
  
  10KB
- MD5
  
  7937d77f7cb47a6ac14b9d2afa8006a1
- SHA1
  
  5c79c1f3a90e8a191dcca47b495aa0f44b9bbc52
- SHA256
  
  8500b5ebf6a2940bc6217c87acc11c6464520179bdf1c93fee2d61c27fd1a868
- SHA512
  
  60436f787877e2cb9c2081b44764593571847f5c151ab8fbc41bb5016d48c1e9cf6fef399c7f651cddb31ad0aa1732f94705ef63dfd36bf4b5cafd7b79da052f
- SSDEEP
  
  192:UrTBJ8O3LiOhXJsVkZ1urna6KZfcMbY60a+zSr6zivzmYTjnJB:qDt3LZXJoFrnatZEAY60a/7m+jJB
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2