Overview

overview

3

Static

static

3

e0544e28ba...a2.zip

windows7-x64

1

e0544e28ba...a2.zip

windows10-2004-x64

1

1020412420...ll.exe

windows7-x64

1

1020412420...ll.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2024, 09:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e0544e28ba3d163444e727bbc9fb4b717a2f0caf1f8c8097294a983d4b2977a2.zip

  • Size

    2.7MB

  • MD5

    1f8e7c6b36e845056b180e0aee9e5d46

  • SHA1

    abe89e7d5bfdfeda03b358f26d76e36159aed4dd

  • SHA256

    e0544e28ba3d163444e727bbc9fb4b717a2f0caf1f8c8097294a983d4b2977a2

  • SHA512

    62e7887153ca5d1b1f3c440bd670a50e1b7b238bd17cd20661048993dd843e5962d8a770ab3bce943a2b7bb6b0120339329826e042356a9786b23b621a3cf6d7

  • SSDEEP

    49152:F6n7a1dvXnE7J9XZ1gmwxWEOKnJOEMdcDTv4sjhZqlLut7a/HPZhoG:F67kdE7J7FwxbnJOEM2DT9jWQt7aHPZT

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\e0544e28ba3d163444e727bbc9fb4b717a2f0caf1f8c8097294a983d4b2977a2.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:5012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads