314166f9dde25b13c5cca86e65a67b26dbae5dcf17dccf7c5a5eb21d3ff76316 | Triage

Analysis

max time kernel
93s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
19-10-2024 16:13

Sharing

Report Analysis Logs

General

Target

G K M 9 5.rar
Size

9.6MB
MD5

39eaf06aff90c74b0fb6b2d98c939f6f
SHA1

48af9760de8234c93d7f7b2af5d429950ece6190
SHA256

314166f9dde25b13c5cca86e65a67b26dbae5dcf17dccf7c5a5eb21d3ff76316
SHA512

69aabefdf3438a004b49ee0ec04571d072e7e2df93b1925e997e25d8cc25c02fa960d025bf1cdcddf428437835f6a75f8d50c7dc5420ea61a7571bfbd628696c
SSDEEP

196608:+9D+lduWOcYQXeOVzkB9ASy6rSniS6SAxAm4y5G/VqMpb7LS8D8nY:+AEctXvVzkB9xyESQhfPw/wY

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	376	7zFM.exe
Token: 35	376	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
376	7zFM.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\G K M 9 5.rar"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads