General
-
Target
sa.bat
-
Size
4KB
-
Sample
241001-qqpmxawapd
-
MD5
fa632469970851bea61bc599f60804ab
-
SHA1
8c25b218fe42577c7f7da82a90f1c302aadb934e
-
SHA256
fc54b3fa585ed5f0ba2e4bcb35fef5efab3047fda88faf4f929edf6906e96e8a
-
SHA512
df7a1ff63ad4116f11728d7eb2cc11c7e4bba5bcc2f250885d491efa370be3eef2e320665bfae17856549640556d94b49d6bd063155966059c53854391e7c6af
-
SSDEEP
96:tT2T93BJmEAyKe6tfRywHBA4FOzm6z1f+7Sc6Hks8:vrRtfphWmcOSG
Static task
static1
Behavioral task
behavioral1
Sample
sa.bat
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
sa.bat
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
sa.bat
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
sa.bat
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Disables Task Manager via registry modification
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1
Scheduled Task/Job
1
Scheduled Task
1