General
-
Target
27972153241137516402.bat
-
Size
14KB
-
Sample
240722-fl62aazdkp
-
MD5
05164ccea8d7b8a898e4c0026ed99153
-
SHA1
cadb8ca7d853f287206809e9420de6e420e8d54e
-
SHA256
76bbaa70aff3045abb8c9a5c8c5d41887f6ed281ec59d1af5feec67bcabbe09f
-
SHA512
6e19b1d4c139b03d6bb5b28294c494deb3d4636e1cc65af3e6366fce278af3bf3e5044b97bedac477bf546a0106e6699c2e21435ad702411501d1de9507563e7
-
SSDEEP
192:3rs+8mX1ZYXuKo+hPQI/5GFFwhFFLJPEKW5fqS/TiJN9X3AkD2fSb:3wosf1OFAFLJPEK67s9wk
Malware Config
Targets
-
-
Target
27972153241137516402.bat
-
Size
14KB
-
MD5
05164ccea8d7b8a898e4c0026ed99153
-
SHA1
cadb8ca7d853f287206809e9420de6e420e8d54e
-
SHA256
76bbaa70aff3045abb8c9a5c8c5d41887f6ed281ec59d1af5feec67bcabbe09f
-
SHA512
6e19b1d4c139b03d6bb5b28294c494deb3d4636e1cc65af3e6366fce278af3bf3e5044b97bedac477bf546a0106e6699c2e21435ad702411501d1de9507563e7
-
SSDEEP
192:3rs+8mX1ZYXuKo+hPQI/5GFFwhFFLJPEKW5fqS/TiJN9X3AkD2fSb:3wosf1OFAFLJPEK67s9wk
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-