Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/11/2024, 15:39

General

  • Target

    обходик — копия/service_remove.bat

  • Size

    574B

  • MD5

    d39171c85f3e4560e23fd937a66fd335

  • SHA1

    0e75017263f2512974710bbfffb869a44f6d7c42

  • SHA256

    e6c71d0db937472d4612a45a9b2214369175d71c5ebfa031255ae23d4586e50a

  • SHA512

    3385ed91027b118d38f9275c72026349c58930818781b619f21281bdc43f49340727d2766e1d3748d42cb3fb9fa2011478246e2d3b531d889d1e40132fc1f857

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\обходик — копия\service_remove.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Windows\system32\chcp.com
      chcp 65001
      2⤵
        PID:2276

    Network

          MITRE ATT&CK Matrix
