Analysis
-
max time kernel
20s -
max time network
22s -
platform
windows10-2004_x64 -
resource
win10v2004-20231201-en -
resource tags
-
submitted
10/12/2023, 16:23
General
-
Target
Myamis.exe
-
Size
68.7MB
-
MD5
b02f7e167dc91738bca2dcde79b47847
-
SHA1
464a15d3022469913bd8436ba336ea60899ee0f6
-
SHA256
4d6df8be4cbf87f70725bb155e3db60d8d5459101a652e59a092a462f69947fc
-
SHA512
e3d70e9ee96b39d75ff4f961e8dd86dc31874b3bc59afcd9a074d00484dc70c5e72931818f34e0870a547ea59a2bb50756a1c8da8a85b953e8c3742a71c18531
-
SSDEEP
393216:PV+ZQsSz+Lp5zGHixDx1S96BLj5WBDvt5NU9Z8xnQUl1M8QshGsl1VWaFfSx9hSO:QCVz+LT371SoNjWPNLd1pQshPQLntT4G
Score
1/10
Malware Config
Signatures
-
Delays execution with timeout.exe 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Myamis.exe"C:\Users\Admin\AppData\Local\Temp\Myamis.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\SYSTEM32\cmd.exe"cmd.exe" /c start cmd /C "color b && title Error && echo Signature checksum failed. Request was tampered with or session ended most likely. & echo: & echo Response: {"success":false,"message":"Invalid license key"} && timeout /t 5"2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.execmd /C "color b && title Error && echo Signature checksum failed. Request was tampered with or session ended most likely. & echo: & echo Response: {"success":false,"message":"Invalid license key"} && timeout /t 5"3⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\timeout.exetimeout /t 54⤵
- Delays execution with timeout.exe
-
-
-