Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
14-06-2024 01:38
General
-
Target
6438/8157.cmd
-
Size
275B
-
MD5
533d29a067a011b9115e4fcbc94305d7
-
SHA1
1ff3aa4f90e4933ebfe20e1398dc22ecf8a2e771
-
SHA256
7bad03aef5b3d3c66dd5a4ed8a82d18643e90536b963e0711611e3266f24d054
-
SHA512
01d8fc83062dd83e15d3345e2463c6161c052e50a9cfe416de0f7ed569cc02cd63c091f5537ad0ceedf7414cad74ccbd96ab732587b873dd7152c6faadaf5d00
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Runs ping.exe 1 TTPs 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\6438\8157.cmd"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\PING.EXEping 127.0.0.12⤵
- Runs ping.exe
-
\??\c:\users\public\re.exec:\\users\\public\\re.exe 6438\plugged.dat2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Public\re.exeFilesize
24KB
MD5b0c2fa35d14a9fad919e99d9d75e1b9e
SHA18d7c2fd354363daee63e8f591ec52fa5d0e23f6f
SHA256022cb167a29a32dae848be91aef721c74f1975af151807dafcc5ed832db246b7
SHA512a6155e42b605425914d1bf745d9b2b5ed57976e161384731c6821a1f8fa2bc3207a863ae45d6ad371ac82733b72bb024204498baa4fb38ad46c6d7bc52e5a022