Analysis
-
max time kernel
1561s -
max time network
1562s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
11-10-2024 18:29
General
-
Target
9ea6c2a8b79ac965b247cf87776188361f0023803d9ecfaaed48536740525908.zip
-
Size
733KB
-
MD5
234be2c8564331f13f268ed1b2a49c3b
-
SHA1
ca3537758604aa83b9bbe6526c02f17311fdd483
-
SHA256
9ea6c2a8b79ac965b247cf87776188361f0023803d9ecfaaed48536740525908
-
SHA512
e573b60c9690d3a97db3e2b3d035f9909f4dd5e8748ab8a178bbc5c165e7eaba85ff427f3435a828a75e2155bfe0aa53694ce646f0ab553fa0db8054a5502c79
-
SSDEEP
12288:NWRG09Wo7rQ1sljnznn13jBRUBae0mrNMjx6nEQyOjLtAbagqtOYJgox+WIKo4e:90N7rQ1slzznn13j7kavFx6nEDuVOkR4
Score
1/10
Malware Config
Signatures
-
Modifies Internet Explorer settings 1 TTPs 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 11 IoCs
-
Suspicious use of FindShellTrayWindow 5 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\9ea6c2a8b79ac965b247cf87776188361f0023803d9ecfaaed48536740525908.zip"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\9ea6c2a8b79ac965b247cf87776188361f0023803d9ecfaaed48536740525908\" -spe -an -ai#7zMap26689:208:7zEvent288801⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-
C:\Windows\helppane.exeC:\Windows\helppane.exe -Embedding1⤵
- Modifies Internet Explorer settings
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx