81251cbd72094f75056b05667727b5237922810be7750210678af5b4ca5aec83 | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
10-08-2024 08:29

Sharing

Report Analysis Logs

General

Target

launch.bat
Size

50B
MD5

11f888c721558d771d9d7e203146102e
SHA1

87b76b891ea646de40798dcd2522065f68aaea0d
SHA256

9fd1f058d59563dd1dd723608304d989f5ee91b20166755b77a8aa87c795e295
SHA512

6023860eeca2a817b3c4866ec74e39bce008a16f6a6fc11bfc63acc2d346f371af579b9ffc2655ad953e2379d3edefb4f1ad658bf2dd99ce7f87efe7407d33bd

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2764 wrote to memory of 2984	2764	cmd.exe	31
PID 2764 wrote to memory of 2984	2764	cmd.exe	31
PID 2764 wrote to memory of 2984	2764	cmd.exe	31

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\launch.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2764
- C:\Windows\system32\java.exe
  java -jar Adjust.jar
  2⤵
  PID:2984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2984-2-0x0000000002540000-0x00000000027B0000-memory.dmp

Filesize
2.4MB

Download
memory/2984-11-0x0000000000540000-0x0000000000541000-memory.dmp

Filesize
4KB

Download
memory/2984-12-0x0000000002540000-0x00000000027B0000-memory.dmp

Filesize
2.4MB

Download