eb1a711124be7a44e434e24ff215fd0db698ef6df6754342efb6632263ed8d7d | Triage

Sharing

General

Target

656118615549517891.bat
Size

7KB
Sample

240722-12cgts1bqa
MD5

ab57bdebd0aa7e52dee5bd0e03933fc8
SHA1

fc85ff53765efe270b49cae0020f528a6dd0bb74
SHA256

eb1a711124be7a44e434e24ff215fd0db698ef6df6754342efb6632263ed8d7d
SHA512

6886de4368336d870c824705bd7a61b61dfc38091480b61e9ab30b2038dc576c69dfcf230ec36b3cb83040fc652618ce1db2a0711da74cc65da0c890e4cc380c
SSDEEP

192:RGx+sAmt2T8o9fDM20x06piSgALhg5mGmARU:RGxHAm88o9Z2GmAy

Score

8^/10

execution

Malware Config

Targets

- Target
  
  656118615549517891.bat
- Size
  
  7KB
- MD5
  
  ab57bdebd0aa7e52dee5bd0e03933fc8
- SHA1
  
  fc85ff53765efe270b49cae0020f528a6dd0bb74
- SHA256
  
  eb1a711124be7a44e434e24ff215fd0db698ef6df6754342efb6632263ed8d7d
- SHA512
  
  6886de4368336d870c824705bd7a61b61dfc38091480b61e9ab30b2038dc576c69dfcf230ec36b3cb83040fc652618ce1db2a0711da74cc65da0c890e4cc380c
- SSDEEP
  
  192:RGx+sAmt2T8o9fDM20x06piSgALhg5mGmARU:RGxHAm88o9Z2GmAy
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2