Resubmissions
14-10-2024 14:20
241014-rnpesstcqp 1012-10-2024 18:58
241012-xmr27azgpp 1014-06-2023 15:35
230614-s1ralaah8s 10Analysis
-
max time kernel
1473s -
max time network
1489s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system -
submitted
12-10-2024 18:58
Behavioral task
behavioral1
Sample
All.zip
Resource
win10v2004-20241007-en
Behavioral task
behavioral2
Sample
All.zip
Resource
win7-20240903-en
Behavioral task
behavioral3
Sample
All.zip
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
All.zip
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
All.zip
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
All.zip
Resource
ubuntu2404-amd64-20240523-en
General
-
Target
All.zip
-
Size
7.0MB
-
MD5
2404b782c8a4c1331a548e27e1558ea7
-
SHA1
d801e6e4dc86758272d2f1c591ee6fe492426145
-
SHA256
55e90e18b443a15116c1102dd21397fd1c7dd1e9aff347e1267c27032e3e4bb3
-
SHA512
4c82b0fdf873253a7bbad72e85ada1b569552b755512d727565abb5ec45564a9b7f5a2aae7951dfb97d1aa4cb305c95c3d6e1e3af8c5e1ead244473f624cfbc3
-
SSDEEP
196608:KT8rFf9o0gtSuOOQA7P5Krz2wqYVde4p0CaOB7:KT8t6ROm7hKrz254p0KB7
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 3124 7zFM.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeRestorePrivilege 3124 7zFM.exe Token: 35 3124 7zFM.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 3124 7zFM.exe