General
Target: DaddyMadu-Windows-Optimizer.bat
Size: 9KB
Sample: 240815-sr7k8aydqh
MD5: 453b29a2c477aa84c97285b7334c43c6
SHA1: 4f6640464df12d128584067741a917c1d8adf976
SHA256: 254a1b759ec149b625aa975ebd6cdf155cc6d513ceeccfbcc03aa3a14356c162
SHA512: 5a49897433600b2b11d1ea21056f00b626447d199f0faf4ed70e37c9091026820e39f9bd49e4d167702991dfc4852590c5de4df20a52bc07a0ea877b9dc97791
SSDEEP: 192:Z4TfI3NGRTDBPdDYQBiUnBxn5oCobCAoC4jIymBAlBsPfjhNlLGKbqtC1:K0NGNDVdDYQz9/jawOeqDd
Static task: static1
Behavioral task: behavioral1
Sample: DaddyMadu-Windows-Optimizer.bat
Resource: win7-20240705-en
Malware Config
Targets
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Download via BitsAdmin
-
Legitimate hosting services abused for malware hosting/C2
-