95df2f0a37035da25d1606f883a0a478a5486a70ab4aafa7fc86ede9e8cc7cfe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1141628683116112276.bat
Size

10KB
Sample

240723-c653yatake
MD5

7401fa38f1bc5c36c70d3920375c1d10
SHA1

7aaebdd4a365036f35ffc796858807d0745e3531
SHA256

95df2f0a37035da25d1606f883a0a478a5486a70ab4aafa7fc86ede9e8cc7cfe
SHA512

d9cd6f8a501ab0de5aabe196e400cec56efa9eecef85f19618d9cc544e70d0747a0e9f52111ade9b04df38513b21e2a70f151c9872cf0b5efca7e01a5694db58
SSDEEP

192:b24v53Nm2I7KBICyjjsWlgiD4QyxL3jQVaN+DpyiaeGVwdDl/uAboO3984:BB3j+jrgiD4QyxL3cVu6kzeywGAbV9n

Score

8^/10

execution

Malware Config

Targets

- Target
  
  1141628683116112276.bat
- Size
  
  10KB
- MD5
  
  7401fa38f1bc5c36c70d3920375c1d10
- SHA1
  
  7aaebdd4a365036f35ffc796858807d0745e3531
- SHA256
  
  95df2f0a37035da25d1606f883a0a478a5486a70ab4aafa7fc86ede9e8cc7cfe
- SHA512
  
  d9cd6f8a501ab0de5aabe196e400cec56efa9eecef85f19618d9cc544e70d0747a0e9f52111ade9b04df38513b21e2a70f151c9872cf0b5efca7e01a5694db58
- SSDEEP
  
  192:b24v53Nm2I7KBICyjjsWlgiD4QyxL3jQVaN+DpyiaeGVwdDl/uAboO3984:BB3j+jrgiD4QyxL3cVu6kzeywGAbV9n
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2