7cc35d1eb6961c962ae9fae96b4564c3f47d17b105af731910afe336f744f8ca | Triage

Analysis

max time kernel
24s
max time network
115s
platform
windows10_x64
resource
win10v20201028
submitted
18-01-2021 15:47

Sharing

Report Analysis Logs

General

Target

mine_aeternity.bat
Size

122B
MD5

8ee582eee932b270d81a9b50968f235d
SHA1

78e1c9674ad0bd46a6b483e4e57d6ee3f12501ce
SHA256

41ba914d255dfd4fe2ed6ab36ec799a0a5a257e4dc291830e16aec3546c37283
SHA512

f479de8b0be0c5ab465bd1d49f4451aa63e83801039db7bc2359e22426011a6ddf447324ac1eb4d3738897421b564904267740367af4d989bdf2d19a0685d61f

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

cmd.exe

description	pid	process	target process
PID 2604 wrote to memory of 396	2604	cmd.exe	miner.exe
PID 2604 wrote to memory of 396	2604	cmd.exe	miner.exe
PID 2604 wrote to memory of 396	2604	cmd.exe	miner.exe

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\mine_aeternity.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2604

C:\Users\Admin\AppData\Local\Temp\miner.exe
miner.exe --algo aeternity --server ae.f2pool.com --port 7898 --user ak_v4cBSQhjh8gc49XMmrt1ELXJDA8U7sDZVKhLJiAzjPymVFgFQ
2⤵
PID:396

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/396-2-0x0000000000000000-mapping.dmp

Download