Analysis
-
max time kernel
1384s -
max time network
1170s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
01/06/2024, 18:44
General
-
Target
01-06-2024_YKK69exTwLdFPLp/TFGhost v3.1_CHEATER.FUN/TFGhost/DirtyBypassInjector.exe
-
Size
84KB
-
MD5
b533a099b777db857b48d70f0f9c434c
-
SHA1
8453053bbc6e7ba16f126c03b7da7c7788e2b779
-
SHA256
15aec7b2ff74d269eee685db011ff582698af4f3b6fd78a6074aa587749106a6
-
SHA512
b4102fe027d6e1c3d27a71506a5da1da54e69f717776ad5d8d972bca88c3ad29f1d0aad15f499b67a54162d7323e789156867427bd70892e46842277a47ab167
-
SSDEEP
1536:+u6+fbSs6z3bKW3WwSI3WUyImOiVnbmCBnuqxqAboVYkT9ZDAB3AYON1Pvk:Res6zrp3ZVmOiVncqxqAsVY09ZDBNVk
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\01-06-2024_YKK69exTwLdFPLp\TFGhost v3.1_CHEATER.FUN\TFGhost\DirtyBypassInjector.exe"C:\Users\Admin\AppData\Local\Temp\01-06-2024_YKK69exTwLdFPLp\TFGhost v3.1_CHEATER.FUN\TFGhost\DirtyBypassInjector.exe"1⤵
- Suspicious behavior: EnumeratesProcesses