Overview

overview

1

Static

static

1

tulipicalv1.bat

windows7-x64

1

tulipicalv1.bat

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-05-2024 11:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tulipicalv1.bat

  • Size

    135B

  • MD5

    a5ec871d590f7aaa91f31900dafd7d85

  • SHA1

    6ca11d8a45399dab87e9b92c940e8d5f448a8bd3

  • SHA256

    d4b74666f41414973bff4c2dbfe7d05e3d414cc81ba007b23353393c1d7d5c22

  • SHA512

    f854d5e3146821434b1cb634910b1d8965a0b5fe0b371f1c0a888d570c5d018e52f9b1331b0503744e103944f905f0014a302208688e3230b74a52d3cd22fd4e

Score
1/10

Malware Config

Signatures

  • Gathers network information 2 TTPs 1 IoCs

    Uses commandline utility to view network configuration.

  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\tulipicalv1.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:532
    • C:\Windows\system32\help.exe
      help
      2⤵
        PID:2644
      • C:\Windows\system32\ipconfig.exe
        ipconfig
        2⤵
        • Gathers network information
        PID:1124
      • C:\Windows\system32\help.exe
        help
        2⤵
          PID:1576
        • C:\Windows\system32\help.exe
          help
          2⤵
            PID:2932

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads