Analysis
-
max time kernel
454s -
max time network
455s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system -
submitted
28-05-2024 15:22
Behavioral task
behavioral1
Sample
FA AntiVira Prosses Watch.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
iubhnuerfwiuherwfiuhewfiuhewfiuiuefwuihefwuihewfuhewfuewfueuwfhi.bat
Resource
win10v2004-20240426-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
iubhnuerfwiuherwfiuhewfiuhewfiuiuefwuihefwuihewfuhewfuewfueuwfhi.bat
-
Size
583B
-
MD5
a88236b393cbea80f72d29785be483c3
-
SHA1
6ebf04c2270e2738f7c6d2ccb4f2eb2d38335f1f
-
SHA256
278fa8d4fb12b506bb712bc9a5562bc1718f88a0a53899ffe479b51c6bf55cf2
-
SHA512
fdd5202f6569e4822d3148417153d5b0e1446b731f162ace04f78a726d77555e6b5e9856be8c34f3fc046ba960d88084fb550adf155a496d01e6c97665da4aca
Score
1/10
Malware Config
Signatures
-
Delays execution with timeout.exe 22 IoCs
Suspicious use of WriteProcessMemory 44 IoCs
Processes
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\iubhnuerfwiuherwfiuhewfiuhewfiuiuefwuihefwuihewfuhewfuewfueuwfhi.bat"1⤵
- Suspicious use of WriteProcessMemory
PID:1212 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:868 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4252 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:3388 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4764 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4088 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:2472 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:464 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:5004 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4712 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4744 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:3852 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:2452 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4112 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:2500 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:2036 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:5056 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:644 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:384 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:4956 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:1288 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:1544 -
C:\Windows\system32\timeout.exetimeout 12⤵
- Delays execution with timeout.exe
PID:5116