Resubmissions
12-11-2024 03:23
241112-dxl45sxjbk 10
Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
submitted: 12-11-2024 03:23
Behavioral task
behavioral1
Sample
Requirements installer.bat
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Requirements installer.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Source Code.py
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Source Code.py
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
VytrixDuper.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
VytrixDuper.exe
Resource
win10v2004-20241007-en
General
Target: Requirements installer.bat
Size: 579B
MD5: 0731cb4896061c40bdab8f55ce5917c8
SHA1: e4862132209e887b39b3b39bcb0b359718b893a7
SHA256: 13a491dcfdae51bc4ac63144b494932690ecbc5d99646b039e65ed26a141a5bc
SHA512: f76a0e38bbbdc18ccb77ca108e6d3eef3d4bb769bb2412c8533253658b45594cf37b8571417dd4d1671b51acf4508373af97db130bfd25e32a23ab6509307f84
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                         pid    Process    procid_target
PID 2972 wrote to memory of 3052    2972   cmd.exe    31
PID 2972 wrote to memory of 3052    2972   cmd.exe    31
PID 2972 wrote to memory of 3052    2972   cmd.exe    31