Overview

overview

10

Static

static

1

main.bat

windows7-x64

1

main.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main.bat

  • Size

    72KB

  • Sample

    240920-znevcsxdpc

  • MD5

    35e015a9bcce22c31ba0fb364830c788

  • SHA1

    514cb5bbff59bb0c5aa92074cfa44ed061c3aafb

  • SHA256

    f08cd592c887920888cb0a18e754231b756e6c285a50511c26f4826dd1581978

  • SHA512

    ed48ecef95cd79b9f26de8523d1ae655310ad8b1684e9bbb24103943cb9fa919de826cf667d2f40d5b8cb9aeaef89aec8cdb86aeb957fe6037b4ee77b28a4668

  • SSDEEP

    768:IposY9qsaIZz+QK7ruEDHs2guEDHsaOmh82mnUjQxOn1TS6QBQg+mispepU:ICsYOBm9mnUk01SBQg+miU

Score
10/10
evasionexecutionpersistenceransomware

Malware Config

Targets

    • Target

      main.bat

    • Size

      72KB

    • MD5

      35e015a9bcce22c31ba0fb364830c788

    • SHA1

      514cb5bbff59bb0c5aa92074cfa44ed061c3aafb

    • SHA256

      f08cd592c887920888cb0a18e754231b756e6c285a50511c26f4826dd1581978

    • SHA512

      ed48ecef95cd79b9f26de8523d1ae655310ad8b1684e9bbb24103943cb9fa919de826cf667d2f40d5b8cb9aeaef89aec8cdb86aeb957fe6037b4ee77b28a4668

    • SSDEEP

      768:IposY9qsaIZz+QK7ruEDHs2guEDHsaOmh82mnUjQxOn1TS6QBQg+mispepU:ICsYOBm9mnUk01SBQg+miU

    Score
    10/10
    evasionexecutionpersistenceransomware

    • Disables service(s)

      evasionexecution

    • Modifies boot configuration data using bcdedit

      ransomwareevasion

    • Stops running service(s)

      evasionexecution

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks