Overview

overview

1

Static

static

1

Iloveyou.bat

windows7-x64

1

Iloveyou.bat

windows10-2004-x64

1

Resubmissions

04-05-2024 12:54

240504-p5fg4see7w 1

Analysis

  • max time kernel
    100s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-05-2024 12:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Iloveyou.bat

  • Size

    329B

  • MD5

    63705f835930c2b36ab47116e36b4065

  • SHA1

    7fa737ddf3fffcd5443a08be5cf4f3d76d421a47

  • SHA256

    e2cfcec5683907474c81bca42aa9c8b524e6d6a5108be7358122aef30012e804

  • SHA512

    d2648d4a1f1b37cf7cb14436ba7f45451bf980463e8ba6cb34750a53965a5d1001e0abdcde400b293ac3a3c3d796ff7d59e7b541df84a667a48403446306d8df

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Iloveyou.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Windows\system32\shutdown.exe
      shutdown -s -t 100
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:5016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads