Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Windows\SysWOW64\cmd.exe

cmd /C ""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,135501077680062421,12792918039034419605,262144 --variations-seed-version=20240425-050055.366000 --mojo-platform-channel-handle=2236 /prefetch:3"

Details

Is windows:	true
Is dropped:	false
PID:	2076
Target ID:	0
Parent PID:	5324
Name:	cmd.exe
Class:	cmd
Path:	C:\Windows\SysWOW64\cmd.exe
Commandline:	cmd /C ""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,135501077680062421,12792918039034419605,262144 --variations-seed-version=20240425-050055.366000 --mojo-platform-channel-handle=2236 /prefetch:3"
Size:	236544
MD5:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Time:	22:34:26
Date:	26/04/2024
Reason:	newprocess
Reputation:	high
Is admin:	true
Is elevated:	true
Modulebase:	0x240000
Modulesize:	368640
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

C:\Windows\System32\conhost.exe

C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

Details

Is windows:	true
Is dropped:	false
PID:	4600
Target ID:	1
Parent PID:	2076
Name:	conhost.exe
Path:	C:\Windows\System32\conhost.exe
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Size:	862208
MD5:	0D698AF330FD17BEE3BF90011D49251D
Time:	22:34:26
Date:	26/04/2024
Reason:	newprocess
Reputation:	high
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff7699e0000
Modulesize:	892928
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Spawns processes	System Summary	Process Injection

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report

Processes