Analysis

  • max time kernel
    60s
  • max time network
    68s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24/02/2023, 02:08

General

  • Target

    vibrations/compartmentally.cmd

  • Size

    242B

  • MD5

    e00bea94b5f441a6c1907e25b262ed15

  • SHA1

    850893825f7e653211d132f158d992223f6f4212

  • SHA256

    e484ad356ddff0094e84134bffb75e5c520beddff93600de51506e3266960eba

  • SHA512

    7c596e008d5b6df3c0a6356716da101243af2f47e74b70d495394d24de520fe5b9bf7443051dc21736c8cf5337ed38c64a4cd15cb9eb7eb55be6338f5556ec13

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory (2 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\vibrations\compartmentally.cmd"
    PID:1440
    • Suspicious use of WriteProcessMemory
    • C:\Windows\system32\rundll32.exe
      rundll32 c:\users\public\output2.txt,N115
      PID:3636

Network

MITRE ATT&CK Matrix

Downloads