General

  • Target

    https://www.mediafire.com/file/tpep1ourctiitcz/Fatality.bat/file

  • Sample

    250502-ptagqacj8z

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://i.imgur.com/YKjUoWb.jpg

Targets

    • Target

      https://www.mediafire.com/file/tpep1ourctiitcz/Fatality.bat/file

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v16

Tasks