a0fc4caba92cc52294404af9bcd329200d01a97c32610b73891f78faee8e83e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sex.bat
Size

1KB
Sample

240820-n6kmsazgrf
MD5

c17f3a01a98731e6a0926bd65a62aaea
SHA1

eb0256886fd0f9588ce5e32fbe32d763f8e78bb0
SHA256

a0fc4caba92cc52294404af9bcd329200d01a97c32610b73891f78faee8e83e9
SHA512

4885b02ae82198b23b3230633baf7a4a5e8372541c35ea77c3f1c25d803d3574638ef993043c2f22b332f555685372557b10b95de8ae31a82f4416f2c31a29c5

Score

8^/10

execution

Malware Config

Targets

- Target
  
  sex.bat
- Size
  
  1KB
- MD5
  
  c17f3a01a98731e6a0926bd65a62aaea
- SHA1
  
  eb0256886fd0f9588ce5e32fbe32d763f8e78bb0
- SHA256
  
  a0fc4caba92cc52294404af9bcd329200d01a97c32610b73891f78faee8e83e9
- SHA512
  
  4885b02ae82198b23b3230633baf7a4a5e8372541c35ea77c3f1c25d803d3574638ef993043c2f22b332f555685372557b10b95de8ae31a82f4416f2c31a29c5
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1