General

  • Target

    batty.bat

  • Size

    4KB

  • Sample

    240929-h5msvsxcna

  • MD5

    73dd1ea4d644ddfbc8c9c88d9cd2e686

  • SHA1

    cf99ac5445fdeecb379b1545fd2803cdc487a73c

  • SHA256

    f9fafcffde9a9373f1f3f6eb42a9f8cede1bd12b8969866436fff1ee9da3f420

  • SHA512

    17db23c44fb4496e4034b136239fbe7031e2e31e18d7320ba9d0526f77f4499d368151ed958977130839ff4054c41f18e0d303144a7f9158019697b643fd4c9c

  • SSDEEP

    48:37l9BNXcf6iI92FK+8OEW9+HeEdUm/E2n23WwkFEeJE/sPEijE1Ms9Xc/fDKye9c:37jEG68+8HFU22mZXMGEny/NKCDjT

Malware Config

Targets

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Modifies Windows Firewall

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks