Analysis
- max time kernel: 38s
- max time network: 42s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 06-09-2022 13:35
Static task: static1
Behavioral task behavioral1: sample documents.lnk, resource win7-20220812-en
Behavioral task behavioral2: sample documents.lnk, resource win10v2004-20220901-en
Behavioral task behavioral3: sample rap/enquire.bat, resource win7-20220812-en
Behavioral task behavioral4: sample rap/enquire.bat, resource win10v2004-20220812-en
Behavioral task behavioral5: sample rap/reconsolidating.dll, resource win7-20220812-en
Behavioral task behavioral6: sample rap/reconsolidating.dll, resource win10v2004-20220901-en
General
- Target: rap/enquire.bat
- Size: 1KB
- MD5: 6a169bbf9da5a30adbdaa7d57f74644a
- SHA1: 4a9f3d17e4db056004dcf6b25a543aa3fc8e10be
- SHA256: 1a762b504316a625d6cf618804d7f2adae1278c91f4100e67294ef4d9ea81fd7
- SHA512: 5592ceab605cb5ab39f5f1a610eca533fead47827c7403349486dd8876c9715f83e2f4e3e3151a73749f7da60e604f22119719235081b0806e6eff6d6b5009af
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: cmd.exe
description | pid | process | target process
PID 1960 wrote to memory of 1712 | 1960 | cmd.exe | rundll32.exe
PID 1960 wrote to memory of 1712 | 1960 | cmd.exe | rundll32.exe
PID 1960 wrote to memory of 1712 | 1960 | cmd.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/1712-54-0x0000000000000000-mapping.dmp