77e6ae4adb21785c15b5345027e002b880e5ac3488a53567a977cd8f71011d25

Analysis

max time kernel
151s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2023 20:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

start.bat
Size

367B
MD5

431287d8e6a9977ff7e81e517a83be8c
SHA1

276d9fa1fa4df70d63a42c187d8c14e98cbd32b1
SHA256

3a045f35813c68b06a3a681dc3b2db9589b221137e2a6a55838dbd8495c0f898
SHA512

57a4ac4ef62990b5d36ce567a8abcde78aa7cec7f6cb0392039ac09023f18fca3b11331128832aec09a50d1ba51427c3758ba97000c1d556472336fdfcc45d1f

Score

1^/10

Malware Config

Signatures

Delays execution with timeout.exe 64 IoCs

evasion

Processes:

timeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exetimeout.exe

pid	process
2612	timeout.exe
3732	timeout.exe
1068	timeout.exe
3592	timeout.exe
5056	timeout.exe
2008	timeout.exe
4180	timeout.exe
988	timeout.exe
2004	timeout.exe
4176	timeout.exe
1840	timeout.exe
1604	timeout.exe
4516	timeout.exe
2796	timeout.exe
5004	timeout.exe
2168	timeout.exe
800	timeout.exe
2244	timeout.exe
4952	timeout.exe
2460	timeout.exe
4212	timeout.exe
2440	timeout.exe
1188	timeout.exe
4864	timeout.exe
3420	timeout.exe
1348	timeout.exe
4320	timeout.exe
4980	timeout.exe
5032	timeout.exe
2600	timeout.exe
4360	timeout.exe
4684	timeout.exe
2476	timeout.exe
3424	timeout.exe
3916	timeout.exe
1904	timeout.exe
5008	timeout.exe
4148	timeout.exe
3868	timeout.exe
3076	timeout.exe
4028	timeout.exe
4952	timeout.exe
3616	timeout.exe
4632	timeout.exe
5068	timeout.exe
1520	timeout.exe
212	timeout.exe
3448	timeout.exe
2740	timeout.exe
1040	timeout.exe
2764	timeout.exe
2268	timeout.exe
3008	timeout.exe
3768	timeout.exe
1792	timeout.exe
436	timeout.exe
780	timeout.exe
2300	timeout.exe
116	timeout.exe
1800	timeout.exe
4448	timeout.exe
1152	timeout.exe
3284	timeout.exe
4488	timeout.exe

Kills process with taskkill 1 IoCs
evasion

Processes:

taskkill.exe

pid process

4388 taskkill.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

taskkill.exe

description pid process

Token: SeDebugPrivilege 4388 taskkill.exe

pid	process
4388	taskkill.exe

description	pid	process
Token: SeDebugPrivilege	4388	taskkill.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

cmd.execmd.exe

description	pid	process	target process
PID 3888 wrote to memory of 4388	3888	cmd.exe	taskkill.exe
PID 3888 wrote to memory of 4388	3888	cmd.exe	taskkill.exe
PID 3888 wrote to memory of 4332	3888	cmd.exe	cmd.exe
PID 3888 wrote to memory of 4332	3888	cmd.exe	cmd.exe
PID 3888 wrote to memory of 4320	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4320	3888	cmd.exe	timeout.exe
PID 4332 wrote to memory of 2184	4332	cmd.exe	cmd.exe
PID 4332 wrote to memory of 2184	4332	cmd.exe	cmd.exe
PID 3888 wrote to memory of 4980	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4980	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4176	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4176	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4228	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4228	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1800	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1800	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4104	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4104	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1068	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1068	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1668	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1668	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2044	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2044	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2764	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2764	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2888	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2888	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4540	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4540	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4212	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4212	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2140	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2140	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2244	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2244	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2268	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2268	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4632	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4632	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1520	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1520	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 560	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 560	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1308	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1308	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 5008	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 5008	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1876	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1876	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1420	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1420	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2432	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2432	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4488	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4488	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 212	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 212	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1840	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 1840	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4492	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 4492	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2440	3888	cmd.exe	timeout.exe
PID 3888 wrote to memory of 2440	3888	cmd.exe	timeout.exe

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\start.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:3888

C:\Windows\system32\taskkill.exe
taskkill /f /im python.exe
2⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
PID:4388

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /K disclaimer.bat
2⤵
- Suspicious use of WriteProcessMemory
PID:4332

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "prompt #$H#$E# & echo on & for %b in (1) do rem"
3⤵
PID:2184

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4320

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4980

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4176

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4228

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1800

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4104

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1068

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1668

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2044

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2764

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2888

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4540

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4212

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2140

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2244

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2268

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4632

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1520

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:560

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1308

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:5008

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1876

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1420

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2432

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4488

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:212

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1840

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4492

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2440

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1188

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:828

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4608

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1456

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4996

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:5000

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4148

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4952

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3944

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1604

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4864

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3328

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3644

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4716

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4516

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3312

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1384

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1064

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3420

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3236

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2476

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2796

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:5004

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3868

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4408

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2660

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1932

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2720

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1368

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3424

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2060

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4644

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4056

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1568

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3212

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1836

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:924

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2228

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3176

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4500

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3592

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2208

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1212

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1780

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1012

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3916

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2168

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1332

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2192

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3464

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:5096

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2184

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3968

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:5056

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3076

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1992

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3996

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4184

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2116

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4228

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4396

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1116

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2280

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4448

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3816

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1904

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3932

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:800

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3800

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3448

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:436

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1348

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3852

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2008

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3268

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2492

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4244

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4360

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3388

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4684

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1152

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2236

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:780

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2300

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4204

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4084

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3772

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1520

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2460

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2612

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:5032

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1628

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4796

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3808

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3008

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:2316

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3732

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4468

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:116

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4180

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2740

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:988

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4492

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4364

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1040

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3768

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4200

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3288

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:5068

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:1792

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2004

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:4948

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4028

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1632

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:4952

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:3944

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
PID:1604

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3284

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:2600

C:\Windows\system32\timeout.exe
timeout /t 1
2⤵
- Delays execution with timeout.exe
PID:3616

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads