1461efb74e4b5d0fa92d9af956faf5f2b6255e23df217f8cfea9e292f3e381f4 | Triage

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/06/2024, 21:27

Sharing

Report Analysis Logs

General

Target

v5 yssmrn_/Requirements.bat
Size

361B
MD5

e7309225d0c6e6134067b04929026714
SHA1

3bcb30f74b283a8828df828b6f37ac5e6cb7bde0
SHA256

bd99282d58b56094bd827a74e3600acc9f49d9df5d7c64ed4ce34970720c96fc
SHA512

724ac628b8f6e787d0a0ff0dac9103906e2d0e67eadc2cea073a22d92e013f2d8811ce3cd8acbaea0fb7ecf5bd0b0a60e39dee1e526e9c9e766822f83b4b35e2

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2128 wrote to memory of 996	2128	cmd.exe	29
PID 2128 wrote to memory of 996	2128	cmd.exe	29
PID 2128 wrote to memory of 996	2128	cmd.exe	29

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\v5 yssmrn_\Requirements.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2128
- C:\Windows\system32\where.exe
  where pip
  2⤵
  PID:996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads