1303791d5361f853607ab0e98fc6f102c7ac3585358d680a05f20c7f365c302c

Resubmissions

11-05-2024 16:53

11-05-2024 16:51

max time kernel
93s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-05-2024 16:51

Target

Skiioh's Performance Pack v2 (FREE)/(2) Input Delay SkiiohTweaks.bat
Size

50KB
MD5

8f095f28dc40da100080de16a1893bb5
SHA1

c55689a7086ca40732ef90815a6a561c4ebdfad7
SHA256

043597ee99fec3d546bff45e2d14557998e4c94e358a8986e5d500ca463e2605
SHA512

2e996ab04b81951ac3f246b1b6efd5a147ba9b1ca3127ee3593ccda36012bd415b9004601fa0cc32f27c6b765f4db2c589db7d87e67fa831b5c651a37ad6d7f8
SSDEEP

768:9TTlgASfto9l56CPRPoiZAS6Yg14oHSpEykfI9YCY1YhuAXmgAdcbbDqQXeS0AZA:p20ZI4g5

Score

1^/10

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 3560	1552	cmd.exe	83
PID 1552 wrote to memory of 3560	1552	cmd.exe	83
PID 3560 wrote to memory of 3356	3560	cmd.exe	84
PID 3560 wrote to memory of 3356	3560	cmd.exe	84
PID 1552 wrote to memory of 1236	1552	cmd.exe	85
PID 1552 wrote to memory of 1236	1552	cmd.exe	85
PID 1552 wrote to memory of 2584	1552	cmd.exe	86
PID 1552 wrote to memory of 2584	1552	cmd.exe	86

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Skiioh's Performance Pack v2 (FREE)\(2) Input Delay SkiiohTweaks.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c chcp
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:3560
- - C:\Windows\system32\chcp.com
    chcp
    3⤵
    PID:3356
- C:\Windows\system32\chcp.com
  chcp 708
  2⤵
  PID:1236
- C:\Windows\system32\cmd.exe
  cmd /c ""C:\Users\Admin\AppData\Local\Temp\Skiioh's Performance Pack v2 (FREE)\(2) Input Delay SkiiohTweaks.bat" "
  2⤵
  PID:2584