1cab37cabfb1ee68e57bbefd17aa8afe7b6d61f3de8ad976d14eeb20cc7a5b9e | Triage

Sharing

General

Target

test2.bat
Size

853B
Sample

241119-smbb8axend
MD5

1a3dc0421e9078992b3ca8f0297dd6c8
SHA1

f72384f6cc010503b9f2bdb9934a4b64e77168d6
SHA256

1cab37cabfb1ee68e57bbefd17aa8afe7b6d61f3de8ad976d14eeb20cc7a5b9e
SHA512

397db20e2a3318a94e2b3395d03294e1e4e29d5e3cf12dcd9932349b344324ef18ea95460414efef9ab934532e832abf18401f5889ffcb8ef02df2bbb016639d

Score

10^/10

evasion execution trojan

Malware Config

Targets

- Target
  
  test2.bat
- Size
  
  853B
- MD5
  
  1a3dc0421e9078992b3ca8f0297dd6c8
- SHA1
  
  f72384f6cc010503b9f2bdb9934a4b64e77168d6
- SHA256
  
  1cab37cabfb1ee68e57bbefd17aa8afe7b6d61f3de8ad976d14eeb20cc7a5b9e
- SHA512
  
  397db20e2a3318a94e2b3395d03294e1e4e29d5e3cf12dcd9932349b344324ef18ea95460414efef9ab934532e832abf18401f5889ffcb8ef02df2bbb016639d
Score

10^/10

evasion execution trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Stops running service(s)
  evasion execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionexecutiontrojan

behavioral2

evasionexecutiontrojan