General

  • Target

    test.bat

  • Size

    1KB

  • Sample

    241110-w88rdssgla

  • MD5

    de98b698f00152d8271e219835e01566

  • SHA1

    82f8a511e8194ea1b8802f4e700454343c1ec477

  • SHA256

    da3d4f7524aa037fabbc2979a62b2c4a9902897b128230048b893b039710dd5e

  • SHA512

    4d8e28b80cf14755b18a0f1a87ef2e4d21d24f88cfc8e43e628058a035486f58a1552e365b4b2e6c0991eadebccf595df3087fc28e84825a9ab90f3a8f1584c7

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs (exe.dropper)

    https://bin.homebots.io/f/86590cf0-ce48-483b-bd0f-160db32a386c/1889464b-428c-4dc4-9c01-19ce05d86f8f

Targets

    • Target

      test.bat

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.
