Overview

overview

8

Static

static

1

Phyz1xs Sp...or.bat

windows7-x64

1

Phyz1xs Sp...or.bat

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    Phyz1xs Spotify Premium Activator.bat

  • Size

    5KB

  • Sample

    240817-234s5svepq

  • MD5

    97560fae9d8da990127e101296ca24d2

  • SHA1

    eb80fd45b7572d636f857fd9558b9949f5a0c6e9

  • SHA256

    6e3c4dd9c98bee7e180e2cc9d2bef8a74324b146905af56a08e5ee4e711fb322

  • SHA512

    a206fa7378de230559136e3186816c7af742d87036ad9ff53eafb3d094c62c23a8771b81314d296788692bf2ab8e7a64c0e3d2fa31f44363d77032b2df585a0d

  • SSDEEP

    96:R6J/Dibvep6XvDe5x/d9Rzp/U9If38RSJP8IqF5LgifJs2NHJ/:sJ/D6vepGLe5x/d9Rzp/uw3E+uJsM

Score
8/10
discoveryexecution

Malware Config

Targets

    • Target

      Phyz1xs Spotify Premium Activator.bat

    • Size

      5KB

    • MD5

      97560fae9d8da990127e101296ca24d2

    • SHA1

      eb80fd45b7572d636f857fd9558b9949f5a0c6e9

    • SHA256

      6e3c4dd9c98bee7e180e2cc9d2bef8a74324b146905af56a08e5ee4e711fb322

    • SHA512

      a206fa7378de230559136e3186816c7af742d87036ad9ff53eafb3d094c62c23a8771b81314d296788692bf2ab8e7a64c0e3d2fa31f44363d77032b2df585a0d

    • SSDEEP

      96:R6J/Dibvep6XvDe5x/d9Rzp/U9If38RSJP8IqF5LgifJs2NHJ/:sJ/D6vepGLe5x/d9Rzp/uw3E+uJsM

    Score
    8/10
    discoveryexecution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks