Analysis

  • max time kernel
    30s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2023, 01:49

General

  • Target

    vibrations/disharmony.cmd

  • Size

    239B

  • MD5

    87c2d41232ac0501005de624416c4d17

  • SHA1

    d8373c869acf80466c3ac9d548b27da4efbae141

  • SHA256

    c9e666c15cc8670433818c7160beec125c97cd3cc41121adc8729be202551ece

  • SHA512

    fafe9cf6df3f58a09a854c6ede5c54d6675b04fe112d06d2185a74e3524354a8eb1d984b8d006d8b143ee4b438e3261ba6042e47e55f1a102b83eb28a09a7074

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\vibrations\disharmony.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Windows\system32\rundll32.exe
      rundll32 c:\users\public\output2.txt,N115
      2⤵
        PID:1588

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads