Analysis
-
max time kernel
122s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
21-12-2024 15:20
General
-
Target
hm.bat
-
Size
326B
-
MD5
c54484807f0886a7683570d5c513c847
-
SHA1
c0c6b9df60e4203b7ddb485dbb57b0cb70c41181
-
SHA256
f3e008e85fc5164da2ddc2cc44ae62e86ef3cef28fd6be1102c5a2be7630f8a4
-
SHA512
7adc0a21069b38200fc25625961d2d4dac9981f7477fd1c670d09cb67fc637fdc88c53e5948637ce1362b1d0b904c67f46c7ad90e312d298fbade15bafad5d32
Malware Config
Signatures
-
Downloads MZ/PE file
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
-
Modifies Internet Explorer settings 1 TTPs 28 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\hm.bat"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://download1590.mediafire.com/iq0dxe3c4smgaV2oq67_DMu3tXJgEGhMDpy3wDO4RFglMwn3Dlbqi4ei2b6cV9ZbK7tG--sOWoOilKfVUAzzoAajPYFM_CS9cidfX_jHSJoc9P-abLAGiGvn76I9ZYdYGS2E2pf1iUaY_IIfhiHb8peAZY9NP97FWfENnQtZPCh0/9pxuen6x78afsz9/thorium_AVX2_mini_installer.exe2⤵
- Modifies Internet Explorer Phishing Filter
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:23⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
Filesize
252B
MD54c2e8c6d5a3633033c270fde15c48da9
SHA12fa8eac1cfb83504b05701cdaac490a35eaa689e
SHA2562ed63af10ce8eb43806d54a739c9c0528e5d6972d490c928d3d3efe4831d7eac
SHA51246de8dc8c3030e6f97a95e59dc02677ed789fb4c4028f6f79a9a6aad6c83fac75f41d0a7f034517a3541a1bb624b2dcbbd48456041fd9972e0694dd8b42fd1b3
-
Filesize
342B
MD549ec98def3b8f007ba37d2037118f1fb
SHA1fa09ca894553ab71082adb8a37e2494fd8f9357d
SHA256933cd28f058a8170f8cf1e0d03cab7403e97e85c34e465278dc121883f6be54f
SHA512b5fe5eedfb34938cfde5eeefc5bab68f161615ef8efa0bcd4b6dde451aace8506b8c3e9a2ba61ff3b9149b17992e359005022d644bac9483cb72e3448a726090
-
Filesize
342B
MD5566ee268fca68315a2cb655f40913e59
SHA139be5c3b1e048db0980164627fd86e305a7176bb
SHA256b7eb8263fd8187d932300ecdd97171700d98184de35dddd5dc0e215005d27a37
SHA5124a36e222f384707acde97d28bc1c6c0f2164bdda9d7a2470bf480f8fc0fa40f31c8af2b0781ac2890409aa622e761a97ed6b9a7a949dfb5c5dcd71d553f0562c
-
Filesize
342B
MD50ed15097402b92c3c6c143776cf5f800
SHA12ec3fe61cdc8309ea5d5f9d2a067cd6e4ce2b579
SHA2564b102ee19a6a05632724eac711ceff08aa983870b3d9d8a7468b569a902e05f0
SHA5120019cfb21e6ceb30cba0663119d329cf43bfebddf5a36ee68ef200e6961bf4e16b966e7c105154b987364ef6e5165df551e4d0a5f346fcd0d3c4fd076bc6adc7
-
Filesize
342B
MD52e7563217554ac918b8963f42f46dd57
SHA1db2645cd9cd772c04b87c5eb55b8432c272abf07
SHA25690860cba263a1dd1e9df23d4c1ffa03e6674fd97eced9696d292cd6dc8c9528a
SHA5124f547f059729a6f29827ae9ca91548a38f9bf1375655dba479243b8376147e12bd03c24d5db1338882ec89af5a3d504cc75b108d99da0a34159ab34c16868e5e
-
Filesize
342B
MD5ad1bfc97778ff52bc2e865279d59434d
SHA1617dbdbdbe390b7c3d5a5b0c400b3628594cfb71
SHA2568bb7f0be855c6356bb1f71236d6deea9cb994361dc3d3e59d6a8ef768440235b
SHA51264f71993133c57b32b46e823609011a3d9176cc490e015b6e4b1ffa3ceb779b2990b402308e842b1b4f5e15f14ae01052d9675e043f0edb0147a6e7576e1f7ef
-
Filesize
342B
MD575fcf980f331f2d3bd3299f0a80e87c5
SHA17b28786ea9a85d75df8c3efbca74acb4d8acf15a
SHA256a741392f524d07d731a9f7f474e1b1652d7047df2586ffca422d069f2242a6ef
SHA512e7d044d8da220b5a20d1214c61c522dcb6ad9cd25da572b983231bc358899e0952e14571286d39d6059ce97b42ccde9f8e899187b99c7ee4978a54f95f7bba93
-
Filesize
342B
MD595e99a8529770079cdd1ad9d350e11f9
SHA170f1c0169235a0f91ba08dfd5d6669657a19b78e
SHA2565ea3920a034f598b6d83cac33a27310f696ae2e63cc002a59b5875c20878cc28
SHA51237fd4145510908c0601e8222c6880124c304bb7552e3f7c1ce105fea3ba7a5636ae7b5d7e68ed727401ca9f81237479761296336018e03ac3ed86b0cbb4ee5b7
-
Filesize
342B
MD5d4ac53cbf29010f21985514e38d084eb
SHA14b3fe7a6e86bf6c3a5891904a4a7d1e5439cb200
SHA256f5c0f6fc7bb622038e2e00ceb3ed70a0ed6bb5e1bf9f0418e076f2d38cc35f0a
SHA51279e43c52edbe34803ea65e0f45dad11f75e84b9582527a7d5d83ea749d898b71f976022a60458cc978d1853954822fca4330f8da25983322e5c03a47db5c42ca
-
Filesize
342B
MD568879b4dd9b9b56588bd11c058f4f05a
SHA1932becf75d53ccb7471c81417e37384461ce1380
SHA256aaf8840aaec34b473b61ff0b4cebeabfb28cfc0adfe7f85974fb97e98a7a382e
SHA5127f98b83ca4845262fc97a11d983f231c2d6c2619ec431496878e7810b7f34b96ff35b3383fbdb23e652a3afdbebd84a0bef6c0997563c89de1da4d4a072395ab
-
Filesize
342B
MD56edf144880bcef89abf6d1b0fc6a02b0
SHA1d45b348662dba5d0d2b85da8915ffac7aa2d0bf1
SHA256ee26863681699554ac257aaab505d13b649f4fdca52970bdc4108aba5d74375c
SHA51249aaf45f061f4c3d5e78b4b67d179d8d5102eb8c93664b9fd7eee7da531c146f6daa22145f6b0cfab405f49feb05bba6abf29ff682cc565f0ae1876e80c5d429
-
Filesize
342B
MD569ceff2a9356f5149ce119ce3b4b0e9b
SHA16bf86a218aaf73c1df17412d70140a414068bd27
SHA2563b3e8b0487d1e28f410a129d7ca36b53fa06ee327c7b08ca2f6d11b6fa5d293a
SHA5120085df0d44ddfe3d0759504668439ff0cbdaab7e2251e1b955075245fd7c0c35ee8eb2ea57c4ed1279fabd9ba8cb785f66b2c8f06f4b91bcdd6de68586ec4269
-
Filesize
342B
MD5603bec54c41f45cdec72ad494948f5af
SHA11014d2e1d4802e8e3aa0c0a35ec0306e76af439e
SHA2563349d00d8d58c25858d2b39d61822c8eceb5d1a6b6cdfd7b0034688f95349030
SHA51211f3339ff8d520bed9d716e882646105cbb91e844fb00aae013c2e5e6fb7a98f327c1bd9b2c9020b5edb44e0a106312b01ecb55f7e4cdd2c23ffb76010081634
-
Filesize
242B
MD56dcc02a067e66397cc6e8d40ca220a88
SHA1f1d3d77c17c29fba0ada83f0302c43768223df6a
SHA25699eb8be15fe4b97d9bff601c82082fe88dca285394b7cfbddee794418e3e5b88
SHA51202cfd27e6866c351832a4c8fd32dbdccf64904c819484cae37c3351472029a746ca8da0bca3d01347765bdc77903f252a48aa2ed9fcc8a0a3fdddf76b78d7a34
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b