Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
21/02/2024, 13:18
General
-
Target
fixedskibiditoiletclicker.rar
-
Size
14KB
-
MD5
28970ba4e59c17673e1318926bdca5e9
-
SHA1
9c4988a0342e8348e0846ffd6624c5db8da7e60b
-
SHA256
9595d2a8ca21b1a1eea75058f16ab7de4db9da720c30c77bb8eb6313df88bade
-
SHA512
6e046d1c6e7398de7c0b6048fbd7b5cf3c65f0eac8296333d61fa11b23da469c932eaf629ee75c8b081f161be0532ae86f6e6b35bb651b3f3cec7a7064fb52ba
-
SSDEEP
384:hmEThIV2ZADqUR939jae+wxB7O1JO6XW2Gzr:d+YZgqUR9tue+wxB7O1JRXWF
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\fixedskibiditoiletclicker.rar1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\fixedskibiditoiletclicker.rar"2⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-