fd3143b7aaa091fe929a0c7b0992120906712a3bd822604c105aa33e7ced3715 | Triage

Sharing

General

Target

61265202317318215.bat
Size

17KB
Sample

240722-t3qyaaxdrr
MD5

ff9339590606f0bc99e111042dc77232
SHA1

8200372473403e58314ca1b02553cd5e29b0f0de
SHA256

fd3143b7aaa091fe929a0c7b0992120906712a3bd822604c105aa33e7ced3715
SHA512

5d19cfc1cc07b60ffcf08b5c0fb6719225cbddc10c52a620fd4e2bddf9ca82edd874b3ef563f0c4fbe2c01a6f083b5a40c2fb3d59824a6ddf0018256cfceb275
SSDEEP

384:+tyMxIyA8vzPgEumbIqBw/J/A6LI0wvLVmBAisqz5/2:+tO8vzYTmbNq/AoI0UkRz5/2

Score

8^/10

execution

Malware Config

Targets

- Target
  
  61265202317318215.bat
- Size
  
  17KB
- MD5
  
  ff9339590606f0bc99e111042dc77232
- SHA1
  
  8200372473403e58314ca1b02553cd5e29b0f0de
- SHA256
  
  fd3143b7aaa091fe929a0c7b0992120906712a3bd822604c105aa33e7ced3715
- SHA512
  
  5d19cfc1cc07b60ffcf08b5c0fb6719225cbddc10c52a620fd4e2bddf9ca82edd874b3ef563f0c4fbe2c01a6f083b5a40c2fb3d59824a6ddf0018256cfceb275
- SSDEEP
  
  384:+tyMxIyA8vzPgEumbIqBw/J/A6LI0wvLVmBAisqz5/2:+tO8vzYTmbNq/AoI0UkRz5/2
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2