26e2cc6a5515d34aba0cfa5072d62fc30d69b55422f1d4e153056aad78be346e | Triage

Analysis

max time kernel
122s
max time network
129s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19/07/2024, 23:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Creed All Spoofer/Run.bat
Size

68B
MD5

b0d79d150291c828b6b2755ed873dc36
SHA1

f1eaa29eb4387af110feafbb6594aeb9809a429f
SHA256

0fd2bf9c09d09440b8350b8fac5ec689c3aec78d5f8cc70ed993d85cc7b727a7
SHA512

6ea57a7b6001f3334b6cb3bd286b912ddead007bc25822b75e2dde507da233593583146cb985cc2e2ee03339aa217cbbecdbf05e58893810706da5a0766b5e5b

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2320	Lmao.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2448 wrote to memory of 2320	2448	cmd.exe	31
PID 2448 wrote to memory of 2320	2448	cmd.exe	31
PID 2448 wrote to memory of 2320	2448	cmd.exe	31

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Creed All Spoofer\Run.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2448
- C:\Users\Admin\AppData\Local\Temp\Creed All Spoofer\Lmao.exe
  Lmao.exe -p Creed.exe -a "SpArtOrOnTOP"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads