Overview

overview

3

Static

static

3

mineways/Mineways.exe

windows11-21h2-x64

1

mineways/T...er.exe

windows11-21h2-x64

1

mineways/T...er.exe

windows11-21h2-x64

1

mineways/d...y.html

windows11-21h2-x64

3

mineways/d...t.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/d...x.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/d...e.html

windows11-21h2-x64

3

mineways/d...ipt.js

windows11-21h2-x64

3

mineways/d...g.html

windows11-21h2-x64

3

mineways/d...s.html

windows11-21h2-x64

3

mineways/f...32.exe

windows11-21h2-x64

3

mineways/mineways.bat

windows11-21h2-x64

1

mineways/m...og.bat

windows11-21h2-x64

1

mineways/m...ug.bat

windows11-21h2-x64

1

mineways/m...ds.bat

windows11-21h2-x64

1

mineways/s...map.py

windows11-21h2-x64

3

mineways/s...es.bat

windows11-21h2-x64

1

mineways/s...te.bat

windows11-21h2-x64

1

mineways/s...eld.py

windows11-21h2-x64

3

mineways/s...ker.py

windows11-21h2-x64

3

mineways/s...aps.py

windows11-21h2-x64

3

mineways/s...ap.bat

windows11-21h2-x64

1

mineways/s...or.bat

windows11-21h2-x64

1

Analysis

  • max time kernel
    419s
  • max time network
    1153s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/08/2024, 13:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    mineways/mineways_without_worlds.bat

  • Size

    307B

  • MD5

    3c11169a0340164dccd81a602a2740ab

  • SHA1

    bd3c524c1da281923949e1d6769952547419c212

  • SHA256

    8f30e49cdd085721c18d942d09a2a54c593a2759f5530ba6a803530083af2d0d

  • SHA512

    4216e3ad8560b296b609d082ec5292cf7614e7737ab77fa7b266fefdafe3a09c79b3657a8b0fe614f18b0f2ca4c9f4376d423a25c21a6369e91c2812648a30ac

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\mineways\mineways_without_worlds.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3084
    • C:\Users\Admin\AppData\Local\Temp\mineways\Mineways.exe
      mineways.exe -s none
      2⤵
        PID:1748

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads