Overview

overview

1

Static

static

1

Zerolocker.zip

windows7-x64

1

Zerolocker.zip

windows11-21h2-x64

1

Analysis

  • max time kernel
    19s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2024, 19:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Zerolocker.zip

  • Size

    170KB

  • MD5

    78ccd1b69323ef0c601d7dee32bacecf

  • SHA1

    e05ef1e93738d77e1c9f671a7456f60e3e9935bb

  • SHA256

    d7e74233f855b8a347000661329170c08aabf91e00f77e9a14f7ded12b02511c

  • SHA512

    9df2dc070fddc9b3cb71076e91906dfb40278596e231e7df1ad6aa436d0f232147ab6623c30b83b3481805efad935059a6e48f553ca7a0c1c84881a10e20ba3a

  • SSDEEP

    3072:AofpYcnMByc2zNjZlZBOjS+rk7L2d7JmPinkg4+NW56KutQwB+O1eA/M9gAeDuq7:yDuqJGfWeVSgE29xxspm0n1vuz3j9xvC

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Zerolocker.zip
    1⤵
      PID:2064
    • C:\Windows\system32\verclsid.exe
      "C:\Windows\system32\verclsid.exe" /S /C {0B2C9183-C9FA-4C53-AE21-C900B0C39965} /I {0C733A8A-2A1C-11CE-ADE5-00AA0044773D} /X 0x401
      1⤵
        PID:1248
      • C:\Program Files\7-Zip\7zG.exe
        "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\Zerolocker\" -spe -an -ai#7zMap5669:100:7zEvent31314
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        PID:2684

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads