f55073296bc7043aa45e1a7e8317dc6eed6ef63f0584f68911b782ada41147a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Discord Bot Login.bat
Size

332KB
Sample

240921-ytmxgs1ana
MD5

2b39b85b50dc1c803c1903246924ef70
SHA1

11f64fa546213485b844658389e3ead8b2a14498
SHA256

f55073296bc7043aa45e1a7e8317dc6eed6ef63f0584f68911b782ada41147a3
SHA512

870bfc369513776e196bc43414743de38c165886d694e52485786e534b34d024d1f4a4a6786a1f8dcc76f4ec87b8136e9ba0a44f8f0773166cf91d18c36e2f20
SSDEEP

6144:HTQ6haJd2n1K0uvzlOetknubnT72x1qA12X:s6Gd2n3uYeuu72x1h1S

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Discord Bot Login.bat
- Size
  
  332KB
- MD5
  
  2b39b85b50dc1c803c1903246924ef70
- SHA1
  
  11f64fa546213485b844658389e3ead8b2a14498
- SHA256
  
  f55073296bc7043aa45e1a7e8317dc6eed6ef63f0584f68911b782ada41147a3
- SHA512
  
  870bfc369513776e196bc43414743de38c165886d694e52485786e534b34d024d1f4a4a6786a1f8dcc76f4ec87b8136e9ba0a44f8f0773166cf91d18c36e2f20
- SSDEEP
  
  6144:HTQ6haJd2n1K0uvzlOetknubnT72x1qA12X:s6Gd2n3uYeuu72x1h1S
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1