General
-
Target
BatSD.exe
-
Size
169KB
-
Sample
241112-nzyaas1lgw
-
MD5
e625c07f89ae4fc9184ea7af37f7311e
-
SHA1
b1269be3072402fd9f8b7025e02345c54928f3d0
-
SHA256
71f419149200ada26a7497d8e8ce53d4e3e98bbf45fdaf6a962cdddfbbf368b7
-
SHA512
0f982fb5561d42984d325dbfd3f788cb702af0f5c72ca06c1d3cb640b7ff8d153e55c9a502532496ea9fe6db0b4e3053a4d90effee768cede9524a46c0c58f00
-
SSDEEP
3072:MaObYrSD4kjua2DH4xW+5GWp1icKAArDZz4N9GhbkrNEkQfH7YyIb:MaKMSD4YuaeEp0yN90QEff
Static task
static1
Behavioral task
behavioral1
Sample
BatSD.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
BatSD.exe
-
Size
169KB
-
Score
7/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Event Triggered Execution
2
Change Default File Association
1
Component Object Model Hijacking
1