Malicious batch file reveals full behavior only when it's started by a double-click.

0/64 detections on VirusTotal
as of 04.07.2024

The VMRay Labs team has uncovered a heavily obfuscated malicious batch file that has managed to evade detection on VirusTotal with no security vendors flagging it (0/64). 

This batch file reveals its full behavior only when it's started by a double-click, which indicates an actual user. When it is started via the command line, it terminates early.

HASH: c87215ddba4bbda4ff1c9cf6a8d95012e42d3cecfeb1c22e65f7880e4102388b

Dive deeper into the report

See why we think this is malicious in plain language.

See the whole path of the sample’s execution

Map the malicious activities on the MITRE ATT&CK Framework

Explore detailed information on the IP addresses, URLs and DNS, including function logs and PCAP Streams

Download the IOCs and artifacts to have a clear picture of the threat.

Download the files that the malware downloads, drops or modifies.
