Overview

overview

10

Static

static

1

riot.cmd

windows7-x64

10

riot.cmd

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    riot.cmd

  • Size

    539B

  • Sample

    240813-w34kgsthlp

  • MD5

    44bd4f8b0eac07a8dd9c5158a7e0560a

  • SHA1

    e5d4c9617c22a84d3aac7cf9b3fa7891e5dba1c7

  • SHA256

    1af03a8f2458fb74cca22087695d63c93b7a5b14333499bc221c34b0093a08a7

  • SHA512

    780b117596936cd7fa40d9514ff34b238030cd302e9737fc2340747eb869cdf13e0877e33d2b85340063496e84b16d042c3f74ed1621c5f7b86cc8837558c72d

Score
10/10

Malware Config

Targets

    • Target

      riot.cmd

    • Size

      539B

    • MD5

      44bd4f8b0eac07a8dd9c5158a7e0560a

    • SHA1

      e5d4c9617c22a84d3aac7cf9b3fa7891e5dba1c7

    • SHA256

      1af03a8f2458fb74cca22087695d63c93b7a5b14333499bc221c34b0093a08a7

    • SHA512

      780b117596936cd7fa40d9514ff34b238030cd302e9737fc2340747eb869cdf13e0877e33d2b85340063496e84b16d042c3f74ed1621c5f7b86cc8837558c72d

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks