Analysis
max time kernel: 42s
max time network: 46s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
submitted: 29-08-2022 17:50
Static task
static1
Behavioral task
behavioral1
Sample
beyond_x32.dll
Resource
win7-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
beyond_x32.dll
Resource
win10v2004-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
cmd.bat
Resource
win7-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
cmd.bat
Resource
win10v2004-20220812-en
1 signatures
150 seconds
General
Target: cmd.bat
Size: 168B
MD5: 2fb6e08cba2d5a078619da98f4d09615
SHA1: 78fabd9e81455cab89eaa105b4517ecd91a4e259
SHA256: 14ab1426f7a0ccf3087a89686c5c666e526ec03bca6e6f0e7a110c06f2c8da08
SHA512: 74e95335097b1d6e8d6de9d56c9fb603fcdd8e43ea55f448fe82c6b6bc66948f36818e696af26629c20f4930777352583bf6f2339755ad9dcdb9c9b1d126c0e3
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: cmd.exe
description | pid | process | target process
PID 1972 wrote to memory of 2036 | 1972 | cmd.exe | rundll32.exe
PID 1972 wrote to memory of 2036 | 1972 | cmd.exe | rundll32.exe
PID 1972 wrote to memory of 2036 | 1972 | cmd.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/2036-54-0x0000000000000000-mapping.dmp