Overview

overview

1

Static

static

1

invoice.zip

windows7-x64

1

Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    26-03-2023 03:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    invoice.zip

  • Size

    1KB

  • MD5

    6eb92b8dae5730ff7d6da2cab832c3c3

  • SHA1

    fe81cf3ad9040f75e4c0bce8ce1cb4ddea82ee54

  • SHA256

    dc3885a6d719df87955bdb33a9e41bed998bac9d800d7ae2362ded6923b30f60

  • SHA512

    98f3b2281346ae865c3bba9f3ec451033b492136922e3625421776a7382f75bc2d9a0cfa0ce70b7147103be7a2bb9655d44d6b459d89ad265b3233f393d5dab2

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\invoice.zip
    1⤵
      PID:948
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:332
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0xd0
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1476

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads