Analysis

  • max time kernel
    44s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-10-2022 18:22

General

  • Target

    inexhaustive/flabbergasting.cmd

  • Size

    310B

  • MD5

    50159281f514b55c8da442e3a4f0014b

  • SHA1

    7204ea324d279bd170b5551269c1e12d53863428

  • SHA256

    d95dcaf21aa95724fc9158cc853b4282b2cddd5d55af617ebcb9d6252014a290

  • SHA512

    58220038f922f95093c3e1be2ccd884a17a73cfbd8467de970152df211260c778cf029666f1d6c895497c75db10a6352dab9fd9f5012d170cfc4bad83eb2c9fb

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\inexhaustive\flabbergasting.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Windows\system32\replace.exe
      replace C:\Windows\\system32\\r32.exe C:\Users\Admin\AppData\Local\Temp /A
      2⤵
        PID:936

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/936-54-0x0000000000000000-mapping.dmp