Analysis
-
max time kernel
4294183s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20220223-en -
submitted
24-02-2022 22:35
Static task
static1
Behavioral task
behavioral1
Sample
core.bat
Resource
win7-20220223-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
core.bat
Resource
win10v2004-en-20220112
0 signatures
0 seconds
Behavioral task
behavioral3
Sample
planet64.dll
Resource
win7-20220223-en
0 signatures
0 seconds
Behavioral task
behavioral4
Sample
planet64.dll
Resource
win10v2004-en-20220113
0 signatures
0 seconds
General
-
Target
core.bat
-
Size
184B
-
MD5
4da584cc0a5ded0c902627093ab8721b
-
SHA1
a6bb30b50718813a72cbd58ba148bc3c9a17c3f0
-
SHA256
bcc176e2ec1bddb1518bcacb07fef99fe1812e204e990424549f11862aaa757c
-
SHA512
d611696d95dd76f1c3f7ab90c370ccb734f1912ff340d28c5a050d0fb072c7914c3bd15ea30f8f2873fdb17f0b93da92eaa7eecc3b245e23c972c700777be804
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
cmd.exedescription pid process target process PID 1124 wrote to memory of 1564 1124 cmd.exe rundll32.exe PID 1124 wrote to memory of 1564 1124 cmd.exe rundll32.exe PID 1124 wrote to memory of 1564 1124 cmd.exe rundll32.exe