VirusTotal reports 1.1.9 with ATT&CK ID T1055

Bug graveyard
1

Steps to reproduce

Run Obsidian.1.1.9.exe scan in VirusTotal

Expected result

Clean report

Actual result

VirusTotal reports 1.1.9 with ATT&CK ID T1055 (detailed here)

Update: flags “writing data to a remote process”, listing files %WINDIR%\SysWOW64\tasklist.exe and %WINDIR%\SysWOW64\find.exe

Environment

Windows 10 Enterprise version 22H2

Additional information

(none)

2

it’s a false positive.