Overview

overview

10

Static

static

10

Applicatio...iu.exe

windows7-x64

3

Applicatio...iu.exe

windows10-2004-x64

1

install-Tr...rs.bat

windows7-x64

1

install-Tr...rs.bat

windows10-2004-x64

1

setup.exe

windows7-x64

3

setup.exe

windows10-2004-x64

10

unetbootin...02.exe

windows7-x64

6

unetbootin...02.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2024 18:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    install-Tria-S.O.2.7.3-Win7_WinServer2008_R2_and_newers.bat

  • Size

    1KB

  • MD5

    ad3cb27366ebf30476d1be13cfb5d4d1

  • SHA1

    5f4878822be96e3e85809c1b14ecc9573b8ec6d1

  • SHA256

    ae77da3087cdbf5815ce95efa8e4c8d25ee0d1867f8730931b226be517b9e513

  • SHA512

    4905794d54991b8c5eff569d7ef15de7c863e78ef03717e2c695add14f76ca9f2f2da31af130bfaf7947d16345741cb8994fbf9559bcbc0bd945cf61ba0ce773

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\install-Tria-S.O.2.7.3-Win7_WinServer2008_R2_and_newers.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Windows\system32\xcopy.exe
      xcopy /Q /Y unetbootin-windows-702.exe "C:\Users\Admin"\
      2⤵
        PID:2204

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads