f84d3cc85b7295ab59906d9c3305be94d8ad71a4261685118bee231c86e7b171

Analysis

max time kernel
43s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
27-04-2024 22:17

Target

BoostTool.exe
Size

13.3MB
MD5

342a8574c1810f446d50e338e2387cff
SHA1

3d528af95a0ab4924e903cf42d121985c386d300
SHA256

f84d3cc85b7295ab59906d9c3305be94d8ad71a4261685118bee231c86e7b171
SHA512

7982ac87853e675f34772be5d7bca6387cddf23780fd575dff2d7b640a06f1089fafebce00fdb47977014ab4081c8c11f9a3192d4d2a94489e580ff7248a6e2d
SSDEEP

98304:f7utmPlS1RecMcjj6NQM0Efw4HbSMWQOfQtwZbF2/2PHGFJvGw+gweY6:fLPlS1Ra+j6NhfdgvQt4F2/2vM5Gwce

Score

1^/10

Suspicious use of WriteProcessMemory 10 IoCs

Processes:

BoostTool.exe

description	pid	process	target process
PID 3884 wrote to memory of 3084	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 3084	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 4176	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 4176	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 3396	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 3396	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 4516	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 4516	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 1116	3884	BoostTool.exe	cmd.exe
PID 3884 wrote to memory of 1116	3884	BoostTool.exe	cmd.exe

C:\Users\Admin\AppData\Local\Temp\BoostTool.exe
"C:\Users\Admin\AppData\Local\Temp\BoostTool.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3884