Analysis
-
max time kernel
21s -
max time network
22s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
03-09-2024 14:25
General
-
Target
Aimbothead.exe
-
Size
556KB
-
MD5
f839b99a1c2a9ff32d1b9a1a18615cdc
-
SHA1
5ef0af03b3c6fbb9c4272ccd5c606cf35d47fd34
-
SHA256
c1b6315a64b022050bc15c34aafe5eb27ebb710050fde010bceafe8dd3887747
-
SHA512
270df7c0002210c3c4a971417dbcc826a65fa6f55bc87c4ad18dff99bfde7a58a995708c64fd7c1b771113922521f1695625a8e3c1729a8d1519b5ee1e3bf448
-
SSDEEP
6144:1KlgO+sa97RtCZgO3CeyIuajoQ0Fu8omyOhLRJ1pQJ6TROrZc8OkFXPdWriYeMyV:1OtRdVOLRJ1pQYTsrZc8OAErAMVneWc
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 10 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Aimbothead.exe"C:\Users\Admin\AppData\Local\Temp\Aimbothead.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c cls2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c certutil -hashfile "C:\Users\Admin\AppData\Local\Temp\Aimbothead.exe" MD5 | find /i /v "md5" | find /i /v "certutil"2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\certutil.execertutil -hashfile "C:\Users\Admin\AppData\Local\Temp\Aimbothead.exe" MD53⤵
-
-
C:\Windows\system32\find.exefind /i /v "md5"3⤵
-
-
C:\Windows\system32\find.exefind /i /v "certutil"3⤵
-
-