Analysis
max time kernel
143s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags
arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
submitted
06-09-2022 13:35
Static task
static1
Behavioral task
behavioral1
Sample
documents.lnk
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
documents.lnk
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
rap/enquire.bat
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
rap/enquire.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
rap/reconsolidating.dll
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
rap/reconsolidating.dll
Resource
win10v2004-20220901-en
General
Target
rap/enquire.bat
Size
1KB
MD5
6a169bbf9da5a30adbdaa7d57f74644a
SHA1
4a9f3d17e4db056004dcf6b25a543aa3fc8e10be
SHA256
1a762b504316a625d6cf618804d7f2adae1278c91f4100e67294ef4d9ea81fd7
SHA512
5592ceab605cb5ab39f5f1a610eca533fead47827c7403349486dd8876c9715f83e2f4e3e3151a73749f7da60e604f22119719235081b0806e6eff6d6b5009af
Malware Config
Signatures
Suspicious use of WriteProcessMemory
2 IoCs
Processes:
cmd.exe
description | pid | process | target process
PID 3108 wrote to memory of 856 | 3108 | cmd.exe | rundll32.exe
PID 3108 wrote to memory of 856 | 3108 | cmd.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/856-132-0x0000000000000000-mapping.dmp