General

  • Target

    batty.bat

  • Size

    13KB

  • Sample

    240930-nr8fastanl

  • MD5

    03889121ba434e3a839f3d5d971e476f

  • SHA1

    7c19215fabf7292c9148bea6555490da5ae841a7

  • SHA256

    b7e265bae86cff54841d1e65ee7fff63e9047f58e4fa14cf44f7fb3b5986e320

  • SHA512

    155d2e03f5803d745f1e6f8d7c7b6c927ee17936508f36cc607c7466b6dd5c7787a71816a541b0730391b70132997835ba2afcbad5e521f0f0dce6124c5786ee

  • SSDEEP

    192:iANaVeGIkK8L7znSLquXw+CCtT8Mx7YZXyc:ZNa4QP7zSLqi6CtThEh

Targets

    • Target

      batty.bat

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

MITRE ATT&CK Enterprise v15
