8d412ad0edeeac91f56841f7d71076846e3b9d7acb7bc7214ccfb910661e3f82 | Triage

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/02/2024, 15:44

Sharing

Report Analysis Logs

General

Target

Batch CIA 3DS Decryptor.bat
Size

2KB
MD5

5d86ad3b724a51f72610afdb98c34929
SHA1

9e37208a037b7112773a865742b7cdd7124c4cd1
SHA256

8d412ad0edeeac91f56841f7d71076846e3b9d7acb7bc7214ccfb910661e3f82
SHA512

851b1da7142fd649cc51c390a1b0420beedf198d050a9f8f9bdcb4075ae39c98504b7f543a26fae48bdd6159f5ab722cd492c52636b5d3ad695311b5513797b8

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1968 wrote to memory of 2196	1968	cmd.exe	29
PID 1968 wrote to memory of 2196	1968	cmd.exe	29
PID 1968 wrote to memory of 2196	1968	cmd.exe	29

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Batch CIA 3DS Decryptor.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:1968
- C:\Windows\system32\mode.com
  mode con cols=52 lines=26
  2⤵
  PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads