
It's a 3.37MB batch file. When opened in Notepad/++ it's all Chinese and some unknown characters. It's still remaining largely undetectable despite being launched in the wild more than 2 days ago, specifically against financial institutions.

https://www.virustotal.com/gui/file/daa4aa8920913f164d9c575546f62d00a169037f1368833e097a40ebe069b0a1

I tried every kind of character encoding under the sun — still can't read it — yet the CMD.exe manages to execute it perfectly fine and continues to download consequent payloads from Amazon AWS.

Can you crack it?!


  • All you give us is a screenshot. That's not a lot to go on. And in general, we are not a malware analysis site.
    – vidarlo
    Commented Jun 12 at 17:40
  • This question is probably off-topic but if it’s not you’ll need to include the actual text as text so people can copy/paste.
    Commented Jun 12 at 20:28
  • We are not a code decrypting site or a malware analysis site.
    – schroeder
    Commented Jun 12 at 20:36
  • I Googled “batch file with Chinese characters” and got this as the top hit. superuser.com/questions/1676713/…
    – schroeder
    Commented Jun 12 at 20:42
  • Got it! Understanding how a new strain of malware works is "off-topic" and not part of cybersecurity. My God, who decided you to be the judge?
    – Roco Petta
    Commented Jun 13 at 6:44
