f10238b5c883701acedf1b9a7d72b3a3909f8d86f488f5b138040af23206f8e8

Analysis

max time kernel
142s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 15:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

echo off.bat
Size

2KB
MD5

09a1500fddfa7d6f8ce93cf12e2ea886
SHA1

8242e4722aff04d62f896becf2c81c0304409f1d
SHA256

f10238b5c883701acedf1b9a7d72b3a3909f8d86f488f5b138040af23206f8e8
SHA512

a099d59fb0cdd3625d3319417631d1983bc6cf3026213817e2a2d17726db37d5e8b87a6be734ec7390f2b66f1a90ec1103cdbc58cf2beeb09abf707078fa91d4

Score

3^/10

discovery

Malware Config

Signatures

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 64 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
440	PING.EXE
748	PING.EXE
4128	PING.EXE
2396	PING.EXE
2476	PING.EXE
4400	PING.EXE
4412	PING.EXE
3552	PING.EXE
1420	PING.EXE
3560	PING.EXE
2348	PING.EXE
1016	PING.EXE
3744	PING.EXE
1244	PING.EXE
3468	PING.EXE
4532	PING.EXE
3580	PING.EXE
1588	PING.EXE
1584	PING.EXE
2008	PING.EXE
4312	PING.EXE
4300	PING.EXE
5024	PING.EXE
2852	PING.EXE
2708	PING.EXE
4824	PING.EXE
1408	PING.EXE
2728	PING.EXE
4484	PING.EXE
4472	PING.EXE
3660	PING.EXE
3564	PING.EXE
2988	PING.EXE
4480	PING.EXE
3120	PING.EXE
1948	PING.EXE
4476	PING.EXE
4316	PING.EXE
2096	PING.EXE
2580	PING.EXE
4840	PING.EXE
1992	PING.EXE
468	PING.EXE
4132	PING.EXE
2712	PING.EXE
32	PING.EXE
2128	PING.EXE
1168	PING.EXE
2240	PING.EXE
1536	PING.EXE
4368	PING.EXE
4756	PING.EXE
1516	PING.EXE
2612	PING.EXE
780	PING.EXE
1192	PING.EXE
2332	PING.EXE
3080	PING.EXE
2888	PING.EXE
2592	PING.EXE
4712	PING.EXE
3652	PING.EXE
1872	PING.EXE
1296	PING.EXE

Runs ping.exe 1 TTPs 64 IoCs

Remote System Discovery

T1018

pid	Process
2356	PING.EXE
4472	PING.EXE
4408	PING.EXE
2096	PING.EXE
1244	PING.EXE
2476	PING.EXE
4824	PING.EXE
4480	PING.EXE
1872	PING.EXE
4368	PING.EXE
2888	PING.EXE
1296	PING.EXE
780	PING.EXE
2712	PING.EXE
2728	PING.EXE
5032	PING.EXE
3080	PING.EXE
3468	PING.EXE
748	PING.EXE
1196	PING.EXE
2008	PING.EXE
4312	PING.EXE
1516	PING.EXE
1356	PING.EXE
3652	PING.EXE
4400	PING.EXE
1480	PING.EXE
5052	PING.EXE
5068	PING.EXE
2396	PING.EXE
3592	PING.EXE
2896	PING.EXE
32	PING.EXE
1584	PING.EXE
2592	PING.EXE
2988	PING.EXE
4412	PING.EXE
3660	PING.EXE
4316	PING.EXE
3564	PING.EXE
1420	PING.EXE
1016	PING.EXE
708	PING.EXE
1192	PING.EXE
4476	PING.EXE
4300	PING.EXE
4404	PING.EXE
4532	PING.EXE
3580	PING.EXE
4484	PING.EXE
2196	PING.EXE
620	PING.EXE
1168	PING.EXE
4288	PING.EXE
3236	PING.EXE
4764	PING.EXE
4292	PING.EXE
2348	PING.EXE
1948	PING.EXE
3548	PING.EXE
4908	PING.EXE
2848	PING.EXE
5024	PING.EXE
916	PING.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1028 wrote to memory of 2008	1028	cmd.exe	86
PID 1028 wrote to memory of 2008	1028	cmd.exe	86
PID 1028 wrote to memory of 1016	1028	cmd.exe	87
PID 1028 wrote to memory of 1016	1028	cmd.exe	87
PID 1028 wrote to memory of 4400	1028	cmd.exe	88
PID 1028 wrote to memory of 4400	1028	cmd.exe	88
PID 1028 wrote to memory of 1480	1028	cmd.exe	89
PID 1028 wrote to memory of 1480	1028	cmd.exe	89
PID 1028 wrote to memory of 708	1028	cmd.exe	90
PID 1028 wrote to memory of 708	1028	cmd.exe	90
PID 1028 wrote to memory of 2960	1028	cmd.exe	91
PID 1028 wrote to memory of 2960	1028	cmd.exe	91
PID 1028 wrote to memory of 2128	1028	cmd.exe	92
PID 1028 wrote to memory of 2128	1028	cmd.exe	92
PID 1028 wrote to memory of 3080	1028	cmd.exe	93
PID 1028 wrote to memory of 3080	1028	cmd.exe	93
PID 1028 wrote to memory of 468	1028	cmd.exe	94
PID 1028 wrote to memory of 468	1028	cmd.exe	94
PID 1028 wrote to memory of 916	1028	cmd.exe	95
PID 1028 wrote to memory of 916	1028	cmd.exe	95
PID 1028 wrote to memory of 4412	1028	cmd.exe	96
PID 1028 wrote to memory of 4412	1028	cmd.exe	96
PID 1028 wrote to memory of 3444	1028	cmd.exe	97
PID 1028 wrote to memory of 3444	1028	cmd.exe	97
PID 1028 wrote to memory of 4784	1028	cmd.exe	99
PID 1028 wrote to memory of 4784	1028	cmd.exe	99
PID 1028 wrote to memory of 4132	1028	cmd.exe	100
PID 1028 wrote to memory of 4132	1028	cmd.exe	100
PID 1028 wrote to memory of 3744	1028	cmd.exe	101
PID 1028 wrote to memory of 3744	1028	cmd.exe	101
PID 1028 wrote to memory of 3120	1028	cmd.exe	102
PID 1028 wrote to memory of 3120	1028	cmd.exe	102
PID 1028 wrote to memory of 5052	1028	cmd.exe	104
PID 1028 wrote to memory of 5052	1028	cmd.exe	104
PID 1028 wrote to memory of 3468	1028	cmd.exe	105
PID 1028 wrote to memory of 3468	1028	cmd.exe	105
PID 1028 wrote to memory of 4312	1028	cmd.exe	106
PID 1028 wrote to memory of 4312	1028	cmd.exe	106
PID 1028 wrote to memory of 3660	1028	cmd.exe	107
PID 1028 wrote to memory of 3660	1028	cmd.exe	107
PID 1028 wrote to memory of 1872	1028	cmd.exe	108
PID 1028 wrote to memory of 1872	1028	cmd.exe	108
PID 1028 wrote to memory of 1408	1028	cmd.exe	109
PID 1028 wrote to memory of 1408	1028	cmd.exe	109
PID 1028 wrote to memory of 2580	1028	cmd.exe	110
PID 1028 wrote to memory of 2580	1028	cmd.exe	110
PID 1028 wrote to memory of 1516	1028	cmd.exe	111
PID 1028 wrote to memory of 1516	1028	cmd.exe	111
PID 1028 wrote to memory of 2888	1028	cmd.exe	112
PID 1028 wrote to memory of 2888	1028	cmd.exe	112
PID 1028 wrote to memory of 2896	1028	cmd.exe	114
PID 1028 wrote to memory of 2896	1028	cmd.exe	114
PID 1028 wrote to memory of 748	1028	cmd.exe	115
PID 1028 wrote to memory of 748	1028	cmd.exe	115
PID 1028 wrote to memory of 2728	1028	cmd.exe	116
PID 1028 wrote to memory of 2728	1028	cmd.exe	116
PID 1028 wrote to memory of 4404	1028	cmd.exe	117
PID 1028 wrote to memory of 4404	1028	cmd.exe	117
PID 1028 wrote to memory of 4316	1028	cmd.exe	118
PID 1028 wrote to memory of 4316	1028	cmd.exe	118
PID 1028 wrote to memory of 1296	1028	cmd.exe	119
PID 1028 wrote to memory of 1296	1028	cmd.exe	119
PID 1028 wrote to memory of 4408	1028	cmd.exe	120
PID 1028 wrote to memory of 4408	1028	cmd.exe	120

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\echo off.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:1028
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2008
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:1016
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4400
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:1480
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:708
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:2960
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2128
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3080
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:468
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:916
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4412
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:3444
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:4784
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:4132
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:3744
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:3120
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:5052
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3468
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4312
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3660
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1872
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:1408
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2580
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1516
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2888
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:2896
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:748
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2728
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4404
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4316
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1296
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4408
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4288
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4532
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:2356
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3580
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2592
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:384
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:32
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1948
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:4128
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4764
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4484
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:2196
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3564
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:780
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4472
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2852
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:440
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2240
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:4840
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2612
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4368
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2708
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:1536
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:1196
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:2104
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1584
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:5032
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:5068
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:3552
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:3548
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1192
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:5036
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2096
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4476
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1420
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4824
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2396
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:1716
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:620
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1244
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4292
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:2332
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:3560
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:1992
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:3592
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:4756
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2348
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:1632
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:1588
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:3248
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:4908
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:3236
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2712
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2988
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:1356
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:2476
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:3264
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:896
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:2848
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4300
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:5024
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:4712
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:3652
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:4004
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:4480
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  PID:4852
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - System Network Configuration Discovery: Internet Connection Discovery
  - Runs ping.exe
  PID:1168
- C:\Windows\system32\PING.EXE
  ping -n 1 -w 20 127.0.0.1
  2⤵
  - Runs ping.exe
  PID:1016

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

T1018

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...