Overview

overview

3

Static

static

3

mineways/Mineways.exe

windows11-21h2-x64

1

mineways/T...er.exe

windows11-21h2-x64

1

mineways/T...er.exe

windows11-21h2-x64

1

mineways/d...y.html

windows11-21h2-x64

3

mineways/d...t.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/d...x.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/d...e.html

windows11-21h2-x64

3

mineways/d...ipt.js

windows11-21h2-x64

3

mineways/d...g.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/f...32.exe

windows11-21h2-x64

3

mineways/mineways.bat

windows11-21h2-x64

1

mineways/m...og.bat

windows11-21h2-x64

1

mineways/m...ug.bat

windows11-21h2-x64

1

mineways/m...ds.bat

windows11-21h2-x64

1

mineways/s...map.py

windows11-21h2-x64

3

mineways/s...es.bat

windows11-21h2-x64

1

mineways/s...te.bat

windows11-21h2-x64

1

mineways/s...eld.py

windows11-21h2-x64

3

mineways/s...ker.py

windows11-21h2-x64

3

mineways/s...aps.py

windows11-21h2-x64

3

mineways/s...ap.bat

windows11-21h2-x64

1

mineways/s...or.bat

windows11-21h2-x64

1

Analysis

  • max time kernel
    430s
  • max time network
    1159s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/08/2024, 13:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    mineways/mineways_min_debug.bat

  • Size

    513B

  • MD5

    4d48ccf69ca963a037fbe67dcc86d8b6

  • SHA1

    331af7120284062b4e1b2727510f0149492dbd04

  • SHA256

    0d0742258b42f2833f641b209cd0c9049fb195dff15ef44044d08e8b6c9bc263

  • SHA512

    3f09e5debcf11d11f5fdc4d8de0c25ef761c397d80a9c740ae95792291f88db0e999fda96243958b3999dc858a84d53fc89ed5300c6ddb48251a646c9951dd8b

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\mineways\mineways_min_debug.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:940
    • C:\Users\Admin\AppData\Local\Temp\mineways\Mineways.exe
      mineways.exe -l mineways_exec.log -s none
      2⤵
        PID:1852

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads