67413ce3fa4f395a2ac6c7aa963ccea27d149670a9423c75fb6fc5300e9a49c2

Analysis

max time kernel
1790s
max time network
1792s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19/11/2024, 10:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cmd(Copy 32).bat
Size

190B
MD5

ab7e7b16804ed31b78b5da720d8950f2
SHA1

a9abc75f8bd2ced024ca91bb4625d643a2931d06
SHA256

21076876e61aabca6310d346d59a2cd68074186fb02c208eb37a934cc73f7289
SHA512

f2fe850e30a1750ac6885a6c356e916b507f4a650803f213f2ff9ef6d51c17e75a460d81206d0fd570a30757eb7f48c25364c71e2e041ce02908dff00c11e09f

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2656 wrote to memory of 2988	2656	cmd.exe	29
PID 2656 wrote to memory of 2988	2656	cmd.exe	29
PID 2656 wrote to memory of 2988	2656	cmd.exe	29

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\cmd(Copy 32).bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2656
- C:\Users\Admin\AppData\Local\Temp\sugarmaker-amd.exe
  "C:\Users\Admin\AppData\Local\Temp\"sugarmaker-amd.exe -a YespowerTIDE -o stratum+tcp://stratum-eu.rplant.xyz:7059 -u TD368ah8Kuzn2quR7g6r8sUYbsVvKzwpyc.SGM -t 4
  2⤵
  PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2988-0-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-3-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-4-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-5-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-6-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-7-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-8-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-9-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-12-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-13-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-15-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-16-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-19-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-21-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-22-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-23-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-25-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-26-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-27-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-28-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-29-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-30-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-33-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-34-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-36-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-37-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-38-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-39-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-42-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-43-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-44-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-45-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-48-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-49-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-50-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-51-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-52-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-54-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-55-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-56-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-57-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-58-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-59-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download
memory/2988-60-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads