Overview
overview 10
Static
static
Claim.lnk windows7-x64 10
Claim.lnk windows10-2004-x64 10
undampened...ul.dll windows7-x64 10
undampened...ul.dll windows10-2004-x64 10
undampened...ly.cmd windows7-x64 1
undampened...ly.cmd windows10-2004-x64 1
undampened...ly.cmd windows7-x64 1
undampened...ly.cmd windows10-2004-x64 1
Resubmissions
05-12-2022 21:11 221205-z14z1sbc4z 10
05-12-2022 21:02 221205-zvg83aae9z 10
05-12-2022 20:55 221205-zqp34sab9t 10
Analysis
max time kernel: 151s
max time network: 196s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted: 05-12-2022 20:55
Static task
static1
Behavioral task
behavioral1
Sample
Claim.lnk
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Claim.lnk
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
undampened/purposeful.dll
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
undampened/purposeful.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
undampened/reassembly.cmd
Resource
win7-20221111-en
Behavioral task
behavioral6
Sample
undampened/reassembly.cmd
Resource
win10v2004-20221111-en
Behavioral task
behavioral7
Sample
undampened/risibly.cmd
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
undampened/risibly.cmd
Resource
win10v2004-20220812-en
General
Target: undampened/reassembly.cmd
Size: 285B
MD5: 0e1d1b53085414be80108431a3ee03ec
SHA1: 23d01d536acdf7d9cfaabcf97c63ad435652e6da
SHA256: d25cf833e6fb446b1c38fee115eb1a1bfb70657ada48f5f20dce799ddade625f
SHA512: 3ed5af192d5d95be221c279c256c404128a2ef9ac70f48057e5db671566ddbf371d953d45616e29fc6e4008a04c51fa3c3743a388bee03f91a7a5594209a279d
Malware Config
Signatures
Suspicious use of WriteProcessMemory (2 IoCs)
Processes: cmd.exe
description                        pid   process  target process
PID 2936 wrote to memory of 2644   2936  cmd.exe  replace.exe
PID 2936 wrote to memory of 2644   2936  cmd.exe  replace.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/2644-132-0x0000000000000000-mapping.dmp