Analysis
max time kernel: 30s
max time network: 33s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted: 24/02/2023, 01:54
Static task: static1
Behavioral task: behavioral1 | Sample: RR.lnk | Resource: win7-20230220-en
Behavioral task: behavioral2 | Sample: RR.lnk | Resource: win10v2004-20230220-en
Behavioral task: behavioral3 | Sample: vibrations/curtness.cmd | Resource: win7-20230220-en
Behavioral task: behavioral4 | Sample: vibrations/curtness.cmd | Resource: win10v2004-20230220-en
Behavioral task: behavioral5 | Sample: vibrations/unmeticulous.exe | Resource: win7-20230220-en
Behavioral task: behavioral6 | Sample: vibrations/unmeticulous.exe | Resource: win10v2004-20230220-en
General
Target: vibrations/curtness.cmd
Size: 258B
MD5: 51da8c5b5c10e7aee244c7dcb832942f
SHA1: 75f00bdeeea03c74b0bdc49d57c841ed3a20f1b8
SHA256: 3bf77543540e4d4e6756932f83c0230ce5b7cfd80bc40b0a58bddc714a9fa3fc
SHA512: c9f7d008d8b2ea3b1a526900d8b0d4c8886df995da55051422e0d2c0b61c4c7d964f9ec49d90e0b71921c2921fd0e30c4748d232a3cbcd39f27c2303290a9755
Malware Config
Signatures
Suspicious use of WriteProcessMemory: 3 IoCs
description | pid | Process | procid_target
PID 1212 wrote to memory of 924 | 1212 | cmd.exe | 29
PID 1212 wrote to memory of 924 | 1212 | cmd.exe | 29
PID 1212 wrote to memory of 924 | 1212 | cmd.exe | 29