ac3f2365dc070bd0b7e2a53db6337a4909d276c74a1e372328863d2225a41572 | Triage

Sharing

General

Target

29675268181591712425.bat
Size

18KB
Sample

240722-zv7tqaxhrh
MD5

3e306297f24cbe07c86e6f5e097e0cb2
SHA1

32dd95e0bb8bd51c90d2990a8ba0b9ebfd0adddd
SHA256

ac3f2365dc070bd0b7e2a53db6337a4909d276c74a1e372328863d2225a41572
SHA512

c746d0b51f87e6d26e23340a29304e33754175068ec035eeffaa4030a0463f03c49d878481a0c6a1910a860a8208e9f809c07f4284f66db51edd8c564865d046
SSDEEP

384:oz1qC3RyVFsQ4S/4+9TFZKRtiheRaTVJjakxVLF1nGsJE3CqK+Q9J:or3RygXklFZyRGBrpnnxWmJ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  29675268181591712425.bat
- Size
  
  18KB
- MD5
  
  3e306297f24cbe07c86e6f5e097e0cb2
- SHA1
  
  32dd95e0bb8bd51c90d2990a8ba0b9ebfd0adddd
- SHA256
  
  ac3f2365dc070bd0b7e2a53db6337a4909d276c74a1e372328863d2225a41572
- SHA512
  
  c746d0b51f87e6d26e23340a29304e33754175068ec035eeffaa4030a0463f03c49d878481a0c6a1910a860a8208e9f809c07f4284f66db51edd8c564865d046
- SSDEEP
  
  384:oz1qC3RyVFsQ4S/4+9TFZKRtiheRaTVJjakxVLF1nGsJE3CqK+Q9J:or3RygXklFZyRGBrpnnxWmJ
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2