Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/07/2024, 14:51

General

  • Target

    Crack/WIN/disable_activation.cmd

  • Size

    405B

  • MD5

    11bd75442aca7d7cd8b2f84ff3427b95

  • SHA1

    3c4342f4435f40c9c16f63cefa9366157c5a396a

  • SHA256

    4f53f4d3de10c4bbd3faccd6e2709ce1406b14d0fad6f53149343008983aa8f8

  • SHA512

    4b3a5c0c797e189771d9bb0b619ab161283a176900e9a3679b846ba915db48359e7e2dc55bee118ca70f2a5a41520d7e67ffcec9cffc0265b3ac98bd126352d2

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Crack\WIN\disable_activation.cmd"
    (depth 1)
    • Drops file in Drivers directory
    • Suspicious use of WriteProcessMemory
    PID:2480
    • C:\Windows\system32\find.exe
      FIND /C /I "activate.adobe.com" C:\Windows\system32\drivers\etc\hosts
      (depth 2)
      PID:3028
    • C:\Windows\system32\find.exe
      FIND /C /I "practivate.adobe.com" C:\Windows\system32\drivers\etc\hosts
      (depth 2)
      PID:1188

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Windows\system32\drivers\etc\hosts

    Filesize
    1KB

    MD5
    dc2ceacd32dfaff78cecfe4301fb8cb5

    SHA1
    47696347250da8f7b6b5288071eaf0d9c54f69c4

    SHA256
    2552162fc4f15f21d31a44f3d92cbd951d469d9d790d45da90792e674aabb530

    SHA512
    f2819d1450a59c697857ecaaf3a3b4276f8149832825bbf07d4e36c05e8763c50fd818221ccc1150937373fc11f5d1f57521e3ca6a72ea48423ef19e53ed633b