Steps to reproduce
Run Obsidian.1.1.9.exe scan in VirusTotal
Expected result
Clean report
Actual result
VirusTotal reports 1.1.9 with ATT&CK ID T1055 (detailed here)
Update: flags “writing data to a remote process”, listing files %WINDIR%\SysWOW64\tasklist.exe
and %WINDIR%\SysWOW64\find.exe
Environment
Windows 10 Enterprise version 22H2
Additional information
(none)