17c8959709e9555564ffb92f7ec133054f4933f6f73973866095131a890e3f39 | Triage

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
03/05/2024, 16:10

Sharing

Report Analysis Logs

General

Target

Younx Tweaker.bat
Size

318KB
MD5

b0c269dd3893ca08a9cb467032379b32
SHA1

d521ec829d34ff110014714460330f8e4095af15
SHA256

17c8959709e9555564ffb92f7ec133054f4933f6f73973866095131a890e3f39
SHA512

b248394a952e0d6788edf407c0c1faa6d226565592ace43118819822d271e6c06abfc21f98e755717ec128ab4126f8bb2f14d40223a8e866e9b4681d7a4fea7e
SSDEEP

1536:7a24UHq9vV6ybDqm5RRAXuJaUqPC4HVPCia9x9z7AwNd9:ctlOmFyuJazVPCZ7dAIr

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2200 wrote to memory of 804	2200	cmd.exe	29
PID 2200 wrote to memory of 804	2200	cmd.exe	29
PID 2200 wrote to memory of 804	2200	cmd.exe	29

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Younx Tweaker.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2200
- C:\Windows\system32\chcp.com
  chcp 65001
  2⤵
  PID:804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads