Overview

overview

10

Static

static

beyond_x32.dll

windows7-x64

10

beyond_x32.dll

windows10-2004-x64

10

cmd.bat

windows7-x64

1

cmd.bat

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-08-2022 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cmd.bat

  • Size

    168B

  • MD5

    2fb6e08cba2d5a078619da98f4d09615

  • SHA1

    78fabd9e81455cab89eaa105b4517ecd91a4e259

  • SHA256

    14ab1426f7a0ccf3087a89686c5c666e526ec03bca6e6f0e7a110c06f2c8da08

  • SHA512

    74e95335097b1d6e8d6de9d56c9fb603fcdd8e43ea55f448fe82c6b6bc66948f36818e696af26629c20f4930777352583bf6f2339755ad9dcdb9c9b1d126c0e3

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\cmd.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4684
    • C:\Windows\system32\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\core\beyond_x32.tmp,#1
      2⤵
        PID:4632

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4632-132-0x0000000000000000-mapping.dmp
      Download