General

  • Target

    DONT RUN IT.bat

  • Size

    8KB

  • Sample

    250119-t91faswpdt

  • MD5

    93756a76ab02d8fdf45ee036af862ff7

  • SHA1

    02cb22e7b50a8812d946dd861ead4d3acd170a41

  • SHA256

    faf34ac8c70f523dc557399b659494c91f13208cf16a2cff96f0465bdd788aac

  • SHA512

    8525858eea539bd94dfa0be33d27e8b5a43696aedb55245658b23c215380f02a82b3ca97ec87cce254c44dd7cf3914b829bc7c15dc3e55a27b54f40f599f0e7d

  • SSDEEP

    192:OGUojoIoOQi4w1Rk9Sv6dvGgUj3d3jVJlr4f3rFuqL54:OGnMjOQxw1+9Sv6J3c3d3jt1qL54

Targets

    • Target

      DONT RUN IT.bat

    • Blocklisted process makes network request

    • Possible privilege escalation attempt

    • Drops startup file

    • Executes dropped EXE

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry
