General

  • Target

    disabler.bat

  • Size

    2KB

  • Sample

    250108-fywfbaxrfq

  • MD5

    c6aff26267067b25326560e96a81513f

  • SHA1

    e45b8c290c2e9cf625ce255f6d31dda440e3d61e

  • SHA256

    c7852d05266d27e604e7f988ef728a2d50edf1da816d5963ed93d643831a3e79

  • SHA512

    d909cfdc454cefb0d26ae72311c27908749c4fa52b4eb2fdf893b30e5d22b024df6e7c8bf2a519877a4995b479e0176730fe5963992057c973a3e9f0569eb441

Targets

    • UAC bypass

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Disables RegEdit via registry modification

    • Modifies Windows Firewall
