Analysis

  • max time kernel
    31s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/02/2023, 15:12

General

  • Target

    tropically/lattices.cmd

  • Size

    310B

  • MD5

    936d9d1861a289f8c15696f204590112

  • SHA1

    af28a47fa3c1eb2ccf79ac8400af499d9d41be4a

  • SHA256

    258b0184c1b23266a8644d74a379aa2043dee712f81ce0a08e11402315b034b4

  • SHA512

    dafb28ce519f47c8383bbd29ac4d4cdbad5b82ad858c2d155b31ae2f49e33bd25019476cdd4a78ee1811ef105b9a71e73b02d447987bf55a3756fbd9a8596047

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\tropically\lattices.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Windows\system32\replace.exe
      replace C:\Windows\\32\\L32.eXe C:\Users\Admin\AppData\Local\Temp /A
      2⤵
        PID:932

    Network

    MITRE ATT&CK Matrix
