Analysis
-
max time kernel
94s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
19/09/2024, 03:42
General
-
Target
uninstall.bat
-
Size
249B
-
MD5
eccb8a01d0427ef29c2380d7dda399f3
-
SHA1
302601e99d6b02e2e84a0de5c0dce3df139cba31
-
SHA256
083cd340c800cc021d4a59388680ce0e7ab0f8b998e67def6a507070e7fa01b7
-
SHA512
78d51882fe04cb64f9f6a82b604ef20e4324e5bc37701747fa55b3c153baa5942774daf737ff204f9e75e81a745ed95cc7ec115da91b9e27e646ed41d3f103f9
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\uninstall.bat"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\RDPWInst.exe"C:\Users\Admin\AppData\Local\Temp\RDPWInst" -u2⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.4MB