Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 18-04-2024 01:22
Static task: static1
Behavioral task: behavioral1
Sample: u2.bat
Resource: win7-20240221-en (windows7-x64)
2 signatures
150 seconds
General
Target: u2.bat
Size: 326B
MD5: acaf01f83da439915027c3e2e900c8dd
SHA1: 2861b4e463fa89e05f2d7d629fae5140cef49843
SHA256: 3b3bd81232f517ba6d65c7838c205b301b0f27572fcfef9e5b86dd30a1d55a0d
SHA512: dc33e9b7e2dde66a3793955899221513e1f7b156801f1cc56eb48ad5cbf2b8c4facf8ad33c5bd63e4ec607e95e8b909f4bc280aaca4e29f07883879ec97a3e61
Score: 1/10
Malware Config
Signatures
Runs ping.exe (1 TTPs, 1 IoCs)
Suspicious use of WriteProcessMemory (6 IoCs)
Processes:
cmd.exe
description                        pid    process   target process
PID 2248 wrote to memory of 2956   2248   cmd.exe   rundll32.exe
PID 2248 wrote to memory of 2956   2248   cmd.exe   rundll32.exe
PID 2248 wrote to memory of 2956   2248   cmd.exe   rundll32.exe
PID 2248 wrote to memory of 2028   2248   cmd.exe   PING.EXE
PID 2248 wrote to memory of 2028   2248   cmd.exe   PING.EXE
PID 2248 wrote to memory of 2028   2248   cmd.exe   PING.EXE