Overview

overview

3

Static

static

3

Valorant R...22.dll

windows10-2004-x64

1

Valorant R...II.dll

windows10-2004-x64

1

Valorant R...M7.dll

windows10-2004-x64

1

Valorant R...pi.dll

windows10-2004-x64

1

Valorant R...rm.cmd

windows7-x64

1

Valorant R...rm.cmd

windows10-2004-x64

1

Valorant R...rm.cmd

windows7-x64

1

Valorant R...rm.cmd

windows10-2004-x64

1

Valorant R...rm.cmd

windows7-x64

1

Valorant R...rm.cmd

windows10-2004-x64

1

Valorant R...rm.cmd

windows7-x64

1

Valorant R...rm.cmd

windows10-2004-x64

1

Valorant R...rm.cmd

windows7-x64

1

Valorant R...rm.cmd

windows10-2004-x64

1

Valorant R...ds.dll

windows10-2004-x64

1

Valorant R...eg.dll

windows10-2004-x64

1

Valorant R...ui.dll

windows10-2004-x64

1

Valorant R...32.dll

windows10-2004-x64

1

Valorant R...er.dll

windows7-x64

1

Valorant R...er.dll

windows10-2004-x64

1

Valorant R...er.dll

windows7-x64

1

Valorant R...er.dll

windows10-2004-x64

1

Valorant R...er.dll

windows7-x64

1

Valorant R...er.dll

windows10-2004-x64

1

Valorant R...er.dll

windows10-2004-x64

1

Valorant R...dr.dll

windows10-2004-x64

1

Valorant R...ps.dll

windows10-2004-x64

1

Valorant R...m.html

windows7-x64

3

Valorant R...m.html

windows10-2004-x64

3

Valorant R...47.dll

windows10-2004-x64

3

Valorant R...eg.dll

windows7-x64

3

Valorant R...eg.dll

windows10-2004-x64

3

Resubmissions

08-08-2024 03:56

240808-ehkhfashla 3

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-08-2024 03:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Valorant Root TBR12.045/Config/Tools/Sources/winrm.cmd

  • Size

    33B

  • MD5

    f80eef72983614db418a0c1fae21ebc1

  • SHA1

    1e741199065307b6fe1f820f20e68ea99877a008

  • SHA256

    8323d52f2ff69fedf02ab6238e9e3319d091e47a13afd17ed0300aad0c0a881e

  • SHA512

    28e7a256e36fb550f7b49d427162bd18db84ea6c8dbec637f8d50aec086a5522bbb2c5338b669fa80a5d82ba8094d3b815c97fa6fc9513774bba88c1b2aa94f2

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Valorant Root TBR12.045\Config\Tools\Sources\winrm.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3612
    • C:\Windows\system32\cscript.exe
      cscript //nologo "C:\Users\Admin\AppData\Local\Temp\Valorant Root TBR12.045\Config\Tools\Sources\winrm.vbs"
      2⤵
        PID:2860

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads