Analysis
max time kernel: 60s
max time network: 68s
platform: windows10-2004_x64
resource: win10v2004-20230220-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24/02/2023, 02:08
Static task: static1
Behavioral task: behavioral1 | Sample: RR.lnk | Resource: win7-20230220-en
Behavioral task: behavioral2 | Sample: RR.lnk | Resource: win10v2004-20230221-en
Behavioral task: behavioral3 | Sample: vibrations/compartmentally.cmd | Resource: win7-20230220-en
Behavioral task: behavioral4 | Sample: vibrations/compartmentally.cmd | Resource: win10v2004-20230220-en
Behavioral task: behavioral5 | Sample: vibrations/disobeys.exe | Resource: win7-20230220-en
Behavioral task: behavioral6 | Sample: vibrations/disobeys.exe | Resource: win10v2004-20230220-en
General
Target: vibrations/compartmentally.cmd
Size: 242B
MD5: e00bea94b5f441a6c1907e25b262ed15
SHA1: 850893825f7e653211d132f158d992223f6f4212
SHA256: e484ad356ddff0094e84134bffb75e5c520beddff93600de51506e3266960eba
SHA512: 7c596e008d5b6df3c0a6356716da101243af2f47e74b70d495394d24de520fe5b9bf7443051dc21736c8cf5337ed38c64a4cd15cb9eb7eb55be6338f5556ec13
Malware Config
Signatures
Suspicious use of WriteProcessMemory (2 IoCs)
description | pid | Process | procid_target
PID 1440 wrote to memory of 3636 | 1440 | cmd.exe | 84
PID 1440 wrote to memory of 3636 | 1440 | cmd.exe | 84