Analysis
-
max time kernel
7s -
max time network
12s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
11-05-2024 01:02
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
tfghost v2_[unknowncheats.me]_.exe
Resource
win7-20240221-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral2
Sample
tfghost v2_[unknowncheats.me]_.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
tfghost v2_[unknowncheats.me]_.exe
-
Size
110KB
-
MD5
bb02000d02ecbb1be74be0d892e4d75c
-
SHA1
bd080bc8e104b90f8123cbba763618f6ac6c6923
-
SHA256
d12015c722dc46c42a1d446e56c4e96a60525314de358ad0e0410f7a037baef1
-
SHA512
0e7a082f8cd276ed34beeb96986c8c2295d89ced1f183246f26489eebfa28480939483e93e774a773fb8344043afadd0f22f64d2750df003cd18f5a9f0bad659
-
SSDEEP
3072:PYMEWromwPS5jVRhR6OkFZoCDj2W6EWNfynxjpY0DLIS3JT:PFSPw6DoCPAOLII
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe 3220 tfghost v2_[unknowncheats.me]_.exe