6d743e476e1408e99415d767b32266a434df12cc583ceb0be5d13398d017782c | Triage

Analysis

max time kernel
1737s
max time network
1748s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
01/07/2024, 04:37

Sharing

Report Analysis Logs

General

Target

ne.bat
Size

2KB
MD5

8cb6c4603964edc39539d98d9c88da99
SHA1

b01d7ba59b87b99709fbff1c9c3af21eec69b745
SHA256

6d743e476e1408e99415d767b32266a434df12cc583ceb0be5d13398d017782c
SHA512

3d38048eb181c63a3d563fb96fe8f9f37895389c27ebcd49cc0cd563bcdb0376428eb22969fc61c860a5af8cad808f25e522c32ac643c91be03b26cc0dc10de6

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2824 wrote to memory of 112	2824	cmd.exe	78
PID 2824 wrote to memory of 112	2824	cmd.exe	78

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\ne.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2824
- C:\Windows\system32\chcp.com
  chcp 65001
  2⤵
  PID:112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads