Analysis
-
max time kernel
150s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
17-10-2024 16:41
General
-
Target
heroes-of-might-and-magic-3-platinum-collection-v40-russian-no-cdfixed-exe.rar
-
Size
923KB
-
MD5
742ba943ace158f66ca49f040ed5d675
-
SHA1
7193d873e5c3a03a6330662fa478a8a2023b0204
-
SHA256
47e7217568d1c6c50dbe08f42ca32028f66a13a81806d0ce65c76259f4df1cc6
-
SHA512
e0bff25bb9d861d8dfa787484b9346ea428b61e21b0cf86ee89cbceafe62db8810bcde1fd9e4a5f4bfef521ddbd41c79e8271445c17279a1eb0cd7539f308e23
-
SSDEEP
24576:ESiKdgsppaK2a0d0kgDccCezRFxtHDqslNTbfjnRnC:EnKZppaKnI0kjbezR3tVN78
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\heroes-of-might-and-magic-3-platinum-collection-v40-russian-no-cdfixed-exe.rar"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow