Analysis
-
max time kernel
44s -
max time network
48s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
14-07-2022 16:16
Static task
static1
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral3
Sample
divert_32.dll
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral4
Sample
divert_32.dll
Resource
win10v2004-20220414-en
0 signatures
0 seconds
General
-
Target
cmd.bat
-
Size
191B
-
MD5
9d16a11a95ee4d4cc5fbb5cc0d7f4279
-
SHA1
5b99b90a57addc4024313741f20c527d4be19b33
-
SHA256
ae69c01458a71817de60f091be4bd669aaec5001b010dde02aa8d4cab83ea41b
-
SHA512
987fb4096c0a7defc82ceeb592f31f226dcbae8af333e4f8a0afd35e4e24ea54c8a69e60aeb2abe07d6d4ae0dd3c95358756199f2135a1a72e5876c8d3a842ed
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
cmd.exe
description | pid | process | target process
PID 560 wrote to memory of 892 | 560 | cmd.exe | rundll32.exe
PID 560 wrote to memory of 892 | 560 | cmd.exe | rundll32.exe
PID 560 wrote to memory of 892 | 560 | cmd.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/892-54-0x0000000000000000-mapping.dmp