General

  • Target

    BatSD.exe

  • Size

    169KB

  • Sample

    241112-nzyaas1lgw

  • MD5

    e625c07f89ae4fc9184ea7af37f7311e

  • SHA1

    b1269be3072402fd9f8b7025e02345c54928f3d0

  • SHA256

    71f419149200ada26a7497d8e8ce53d4e3e98bbf45fdaf6a962cdddfbbf368b7

  • SHA512

    0f982fb5561d42984d325dbfd3f788cb702af0f5c72ca06c1d3cb640b7ff8d153e55c9a502532496ea9fe6db0b4e3053a4d90effee768cede9524a46c0c58f00

  • SSDEEP

    3072:MaObYrSD4kjua2DH4xW+5GWp1icKAArDZz4N9GhbkrNEkQfH7YyIb:MaKMSD4YuaeEp0yN90QEff

Targets

    • Target

      BatSD.exe

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Modifies system executable filetype association

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
