10f65b5ff82a1838a20614cc7bf379e8f55c3d46ef9ecaba7837c17ec44ce49f

Resubmissions

04/03/2025, 19:23

04/03/2025, 19:21

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
04/03/2025, 19:23

Target

Destiny Mod Menu/Destiny/Unistall.cmd
Size

652B
MD5

cbcf3f62d09c0384fac1e9aa7864eaf9
SHA1

ef3c625e9bb9437bea730533565a77cff3f442ac
SHA256

2ff897d3073ba334e43ad3ca2e65b6297b74d72931f45eda6caf6082b5b22768
SHA512

95b982a66a396c1e79371521957299bde29df1eab65f4b1905fc64530ab1a1d109ae597448a183b79c596874d730d7a6a52ea7836aba7f4ca7fc8a3d306654ac

Score

1^/10

Delays execution with timeout.exe 7 IoCs

defense_evasion

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 2108 wrote to memory of 2248	2108	cmd.exe	32
PID 2108 wrote to memory of 2248	2108	cmd.exe	32
PID 2108 wrote to memory of 2248	2108	cmd.exe	32
PID 2108 wrote to memory of 2452	2108	cmd.exe	33
PID 2108 wrote to memory of 2452	2108	cmd.exe	33
PID 2108 wrote to memory of 2452	2108	cmd.exe	33
PID 2108 wrote to memory of 2472	2108	cmd.exe	34
PID 2108 wrote to memory of 2472	2108	cmd.exe	34
PID 2108 wrote to memory of 2472	2108	cmd.exe	34
PID 2108 wrote to memory of 1172	2108	cmd.exe	35
PID 2108 wrote to memory of 1172	2108	cmd.exe	35
PID 2108 wrote to memory of 1172	2108	cmd.exe	35
PID 2108 wrote to memory of 1168	2108	cmd.exe	36
PID 2108 wrote to memory of 1168	2108	cmd.exe	36
PID 2108 wrote to memory of 1168	2108	cmd.exe	36
PID 2108 wrote to memory of 2192	2108	cmd.exe	37
PID 2108 wrote to memory of 2192	2108	cmd.exe	37
PID 2108 wrote to memory of 2192	2108	cmd.exe	37
PID 2108 wrote to memory of 2196	2108	cmd.exe	38
PID 2108 wrote to memory of 2196	2108	cmd.exe	38
PID 2108 wrote to memory of 2196	2108	cmd.exe	38

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Destiny Mod Menu\Destiny\Unistall.cmd"
1⤵
- Suspicious use of WriteProcessMemory
PID:2108
- C:\Windows\system32\timeout.exe
  timeout /t 2 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:2248
- C:\Windows\system32\timeout.exe
  timeout /t 2 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:2452
- C:\Windows\system32\timeout.exe
  timeout /t 2 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:2472
- C:\Windows\system32\timeout.exe
  timeout /t 2 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:1172
- C:\Windows\system32\timeout.exe
  timeout /t 3 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:1168
- C:\Windows\system32\timeout.exe
  timeout /t 2 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:2192
- C:\Windows\system32\timeout.exe
  timeout /t 3 /nobreak
  2⤵
  - Delays execution with timeout.exe
  PID:2196