64c4b723188aecf07f98ffe05d74f8e5597e2c41740edd1bff09eaa3c0f7a539 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

sus.bat

windows10-2004-x64

8

Sharing

General

Target

sus.bat
Size

262B
Sample

240808-zqfvfazbmk
MD5

43e1aac96df2f4c1a5a82356fe787f7f
SHA1

d44e20b7fdab20b9b6924147dc4a4c0b2b11af37
SHA256

64c4b723188aecf07f98ffe05d74f8e5597e2c41740edd1bff09eaa3c0f7a539
SHA512

5998d05695d32ba030cd1198205d6a275aa3fd0efaed8df27b9b6aa50c9e5a73a249bd1cfcad0cadc8a00d22e7a7db61e4da8f7a2aeb55da0e37b6e956992bb4

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

sus.bat

Resource

win10v2004-20240802-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  sus.bat
- Size
  
  262B
- MD5
  
  43e1aac96df2f4c1a5a82356fe787f7f
- SHA1
  
  d44e20b7fdab20b9b6924147dc4a4c0b2b11af37
- SHA256
  
  64c4b723188aecf07f98ffe05d74f8e5597e2c41740edd1bff09eaa3c0f7a539
- SHA512
  
  5998d05695d32ba030cd1198205d6a275aa3fd0efaed8df27b9b6aa50c9e5a73a249bd1cfcad0cadc8a00d22e7a7db61e4da8f7a2aeb55da0e37b6e956992bb4
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy