d261cc4cc40165817ae64ca19140e5c574f36d97c703165256e92e1df02becd0 | Triage

Submit
Reports

Overview

overview

Static

static

7

Executable...ce.url

windows10-2004-x64

1

Executable...rd.url

windows10-2004-x64

1

Executable...on.url

windows10-2004-x64

1

Executable...um.url

windows10-2004-x64

1

Executable...ub.url

windows10-2004-x64

1

Executable...te.url

windows10-2004-x64

1

Executable...e).url

windows10-2004-x64

1

Executable...ub.url

windows10-2004-x64

1

Executable...er.cmd

windows10-2004-x64

Executable...TI.cmd

windows10-2004-x64

1

Executable...vc.cmd

windows10-2004-x64

Executable...ev.cmd

windows10-2004-x64

Executable...er.exe

windows10-2004-x64

3

Executable...ce.exe

windows10-2004-x64

7

Executable...P1.cmd

windows10-2004-x64

1

Executable...P2.cmd

windows10-2004-x64

1

Executable...RS.cmd

windows10-2004-x64

1

Executable...OP.cmd

windows10-2004-x64

1

Executable...NP.ps1

windows10-2004-x64

1

Executables/EDGE.cmd

windows10-2004-x64

1

Executable...ZE.cmd

windows10-2004-x64

6

Executable...PT.ps1

windows10-2004-x64

1

Executables/ONED.cmd

windows10-2004-x64

1

Executables/PFP.cmd

windows10-2004-x64

1

Executables/POWER.cmd

windows10-2004-x64

1

Executable...NU.cmd

windows10-2004-x64

4

Executable...TH.cmd

windows10-2004-x64

1

Executable...ER.cmd

windows10-2004-x64

4

Executable...00.png

windows10-2004-x64

3

Executable...rk.png

windows10-2004-x64

3

Executable...ht.png

windows10-2004-x64

3

playbook.xml

windows10-2004-x64

1

Resubmissions

25-04-2023 20:18

230425-y3j7yscg23 10

Analysis

max time kernel
477s
max time network
480s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
25-04-2023 20:18

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Executables/Atlas/4. Troubleshooting/Visual C++ Redistributables/Visual C++ Redistributables AIO Source.url

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral2

Sample

Executables/Atlas/Atlas Discord.url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral3

Sample

Executables/Atlas/Atlas Documentation.url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral4

Sample

Executables/Atlas/Atlas Forum.url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral5

Sample

Executables/Atlas/Atlas GitHub.url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral6

Sample

Executables/Atlas/Atlas Website.url

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral7

Sample

Executables/AtlasModules/Acknowledgements/Atlas Utilities (filepicker & multichoice).url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral8

Sample

Executables/AtlasModules/Acknowledgements/setSvc GitHub.url

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral9

Sample

Executables/AtlasModules/Scripts/Auto-Cleaner.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

6 signatures

600 seconds

Behavioral task

behavioral10

Sample

Executables/AtlasModules/Scripts/RunAsTI.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral11

Sample

Executables/AtlasModules/Scripts/setSvc.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

6 signatures

600 seconds

Behavioral task

behavioral12

Sample

Executables/AtlasModules/Scripts/toggleDev.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

6 signatures

600 seconds

Behavioral task

behavioral13

Sample

Executables/AtlasModules/Tools/filepicker.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral14

Sample

Executables/AtlasModules/Tools/multichoice.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral15

Sample

Executables/BACKUP1.cmd

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral16

Sample

Executables/BACKUP2.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral17

Sample

Executables/CONVERTUSERS.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral18

Sample

Executables/COPYDESKTOP.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral19

Sample

Executables/DISABLEPNP.ps1

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral20

Sample

Executables/EDGE.cmd

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral21

Sample

Executables/FINALIZE.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

8 signatures

600 seconds

Behavioral task

behavioral22

Sample

Executables/MITIGATIONPROMPT.ps1

Resource

win10v2004-20230221-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral23

Sample

Executables/ONED.cmd

Resource

win10v2004-20230221-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral24

Sample

Executables/PFP.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral25

Sample

Executables/POWER.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral26

Sample

Executables/STARTMENU.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

7 signatures

600 seconds

Behavioral task

behavioral27

Sample

Executables/UPDHEALTH.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral28

Sample

Executables/WALLPAPER.cmd

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral29

Sample

Executables/Web/Screen/img100.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral30

Sample

Executables/Web/Wallpaper/Windows/atlas-dark.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral31

Sample

Executables/Web/Wallpaper/Windows/atlas-light.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral32

Sample

playbook.xml

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

600 seconds

Report Analysis Logs

General

Target

Executables/AtlasModules/Scripts/RunAsTI.cmd
Size

7KB
MD5

58d3e9a4570d66eb9fcbabf715fa75c1
SHA1

7981f41f7db56448c803db11856c3c771cb0cf27
SHA256

b2b1ddb8430533f2a87aa40a4e7d79df76d2b9cf146bfa9652f91d266d7ba690
SHA512

a5c3ead2bf4883f6eeea268ea73f2907ed5840d69f78d8c74f2695b5ed293290c3ecb7942b3d3bab265a5cd9ca3b31615a0976bd08f0d6f1338dfc5dc03ad767
SSDEEP

192:1tYHOTnAJxIX3MJwKb7kJkZL0+qxsD9xG6l7AboMlkObV:1tiOTnf3cxvJCxCRKboMlR

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Executables\AtlasModules\Scripts\RunAsTI.cmd"
1⤵
PID:5112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy