Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
22-12-2024 00:42
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
cmd.bat
Resource
win7-20241010-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
cmd.bat
Resource
win10v2004-20241007-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
mesh-64.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
mesh-64.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
cmd.bat
-
Size
189B
-
MD5
6f15cd0263b458116b6698e266ab989c
-
SHA1
83b44519c7a36583e69f2b65dc44738b3ee63145
-
SHA256
9b584a85e3fa666d0e2d6e699f2c1380a788cae2183e417ddd7b58a3939b9112
-
SHA512
892c34b984ac66748e54da0f0b9728c2a02c7bb6932e6fb385daed8f0b855198d3be91d6ade589827e43b2604b186fe7c39b5ffae6589d6cb2037595c3a56866
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 1552 wrote to memory of 2000 1552 cmd.exe 32 PID 1552 wrote to memory of 2000 1552 cmd.exe 32 PID 1552 wrote to memory of 2000 1552 cmd.exe 32