General

  • Target

    s32del.bat

  • Size

    1KB

  • Sample

    240818-y48a6ssdkg

  • MD5

    856e91d6f2237412afd3204b003eb799

  • SHA1

    85173affdd374b9d7c78f8abc4c740a0993502b5

  • SHA256

    badf2654b27cf2d5c35d642aac9c4c9445572343b6243a45064a8725de47c30f

  • SHA512

    09e5176c68f332a0063cca0180135be769137950d0b1e55a76a0bd115d337a6b5e0bc46125e4d808cbc176001efbf63a3436e364a339db39654f8a97205c83c6

Targets

    • Target

      s32del.bat

    • Credentials from Password Stores: Credentials from Web Browsers (T1555.003)

      Malicious access to, or copying of, a web browser credential store.

    • Possible privilege escalation attempt

    • Credentials from Password Stores: Windows Credential Manager (T1555.004)

      Suspicious access to the credential history kept by Windows Credential Manager.

    • Modifies file permissions
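
The four signatures above are behaviour classes, not the script's contents, which this report does not show. The following static triage scanner is an added example, not part of the sandbox report and not the contents of s32del.bat: it reads a batch script line by line and flags the same four classes from command and path indicators. The indicator lists and the SAMPLE script are constructed here for illustration, so they are assumptions about what such a script typically contains, not evidence about this sample.

```python
"""Static triage of a Windows batch script for the behaviour classes that the
sandbox signatures describe.  Added example; indicator lists and the sample
script are constructed here and are not derived from s32del.bat."""
import re
from collections import OrderedDict

# Indicator patterns (constructed assumptions), keyed by the signature they
# approximate.  Matching is case-insensitive on each non-comment line.
INDICATORS = OrderedDict([
    ("Modifies file permissions", [
        r"\bicacls\b", r"\bcacls\b", r"\btakeown\b", r"\battrib\b\s+[-+][rhs]",
    ]),
    ("Credentials from Web Browsers", [
        r"\\Login Data\b", r"\\logins\.json\b", r"\\key4\.db\b",
        r"\\Local State\b", r"\\User Data\\",
    ]),
    ("Windows Credential Manager", [
        r"\bcmdkey\b", r"\\Microsoft\\Credentials\\", r"\\Microsoft\\Protect\\",
        r"\bvaultcmd\b",
    ]),
    ("Possible privilege escalation attempt", [
        r"\brunas\b", r"\bfodhelper\b", r"\bschtasks\b.*\/ru\s+system",
        r"\bsc\b\s+(create|config)\b", r"\bpsexec\b",
    ]),
])


def strip_line(line):
    """Drop batch comments (rem / ::) and the echo-suppress '@' prefix."""
    s = line.strip()
    if s.lower().startswith(("rem ", "::")):
        return ""
    return s.lstrip("@")


def scan_batch(text):
    """Return {signature: [(line_no, line), ...]} for every indicator hit."""
    hits = {name: [] for name in INDICATORS}
    for no, raw in enumerate(text.splitlines(), 1):
        line = strip_line(raw)
        if not line:
            continue
        for name, pats in INDICATORS.items():
            if any(re.search(p, line, re.IGNORECASE) for p in pats):
                hits[name].append((no, line))
    return {k: v for k, v in hits.items() if v}


def triggered(text):
    """Names of the signatures hit, in the order INDICATORS lists them."""
    return [n for n in INDICATORS if n in scan_batch(text)]


# Constructed sample script for the demo; it is NOT the contents of s32del.bat.
SAMPLE = r"""@echo off
rem icacls mentioned in a comment should not count
takeown /f "%ProgramData%\target" /r /d y
icacls "%ProgramData%\target" /grant Everyone:F /t
copy "%LOCALAPPDATA%\Google\Chrome\User Data\Default\Login Data" %TEMP%\ld.db
cmdkey /list > %TEMP%\creds.txt
schtasks /create /tn upd /tr %TEMP%\x.exe /sc onlogon /ru SYSTEM
del /q %TEMP%\ld.db
"""

if __name__ == "__main__":
    for name, lines in scan_batch(SAMPLE).items():
        print(name)
        for no, line in lines:
            print(f"  line {no}: {line}")
```

Run it against the constructed sample and all four classes fire on lines 3 to 7, while the `rem` line mentioning icacls is ignored. Against a real batch file the same call, `scan_batch(open(path, errors="replace").read())`, gives a quick first pass before dynamic analysis; treat a hit as a lead to confirm in the sandbox trace, not as a verdict, since obfuscated scripts (string substitution, `set` tricks, delayed expansion) will evade plain pattern matching.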

MITRE ATT&CK Enterprise v15