47961c394d3b03bd1670e702b2ac59071dc54535657c82772e08e0a2d767b7c4 | Triage

Analysis

max time kernel
433s
max time network
1160s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
10/08/2024, 13:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

mineways/mineways_debug_log.bat
Size

307B
MD5

82a4c54b418a53c4e239166c23982c9a
SHA1

0ab8a65356171bb3fd5c116a10af3b3b1aa2dfc2
SHA256

ce91126350ed6fc841f8e32a1e2c5ab41fd7fb67362d72e8a89c897faef19c3a
SHA512

d88680f699efc7e1aae455e4fc53ed624a358c776fac192b25b97360c73fa1f4ed5552fca9c4e357839dd34bea5c7394190658ddfdfc16bfdcace02717ece85f

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 4732 wrote to memory of 4496	4732	cmd.exe	83
PID 4732 wrote to memory of 4496	4732	cmd.exe	83

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\mineways\mineways_debug_log.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:4732
- C:\Users\Admin\AppData\Local\Temp\mineways\Mineways.exe
  mineways.exe -l mineways_exec.log
  2⤵
  PID:4496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads