General

  • Target

    Fluks Redux - Desktop - Mini PC.bat

  • Size

    43KB

  • Sample

    241111-m2tjfsxpcw

  • MD5

    47bdaa07aae9a6ab0b068617cedc427c

  • SHA1

    7bef82f00a8955045422a2acbf6d04f89ea6885b

  • SHA256

    af8560b0c5f6c1cd63887b5c18ab087b73667b175b66972a0ada71aa000f3ee2

  • SHA512

    2fc3570f619824143eb059d7a65cbaa8ff79d5382f82241e6391abf7e327e25fe2a433206737e276160bf660f0dcf94403c08e15ddc0f2a95beddb4d70196b29

  • SSDEEP

    768:g4YjeTQxq0bODoyMbsbLyQac9UkBUkXiQW:pYfxWDt9UCUkXiQW

Targets

    • Target

      Fluks Redux - Desktop - Mini PC.bat

    • Disables service(s)

    • Modifies boot configuration data using bcdedit

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command.

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    • Drops file in System32 directory
