92212adf7fc27d9a3b396d0763e9090cf335825f2afad4740a0ee266229fc1ce | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
14/02/2025, 01:28

Sharing

Report Analysis Logs

General

Target

install.bat
Size

164B
MD5

5e0ea4d3565753fa245b8f98c686c961
SHA1

3a2ed260628f3b7ae22e5b9d3b26fa02eeb48f0b
SHA256

468ccc04e9db7d3b6151de4cc2526f9eee72e6f6db075bf38ce2d23a114c7a01
SHA512

0e6a832d2a079abfcef1d485098aa64a0409732463cefc9852cd00353d248a0e1cff9170555d83c6733f70b83cdc66ab04d30ffdfc8cf3ab98317e719fd44f7c

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2272 wrote to memory of 1064	2272	cmd.exe	31
PID 2272 wrote to memory of 1064	2272	cmd.exe	31
PID 2272 wrote to memory of 1064	2272	cmd.exe	31

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\install.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2272
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /K start.bat
  2⤵
  PID:1064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads