Analysis
-
max time kernel
1s -
max time network
3s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
21-10-2024 16:04
General
-
Target
Mensajes en cuarentena.zip
-
Size
636KB
-
MD5
17efe4e64bf28bfb62ba67da84444d15
-
SHA1
9a5c1fb1145dfd5008ddbe4cdbb167525f2e11c5
-
SHA256
a580d66b0d0957cfb2c06d6ac3cfa1bc1965c94fcdc553f7580d3c5275f74b36
-
SHA512
a4d4bfcaead62bc535abe982799862dd8b342958b524e7d559c26f382ee1b71cc1ae00bdfcb7e65519be59e36a60ab42e4a34913cf35359af98fa72df33fd266
-
SSDEEP
12288:+ZGeuKUjt2oQqu6fX0iL5dQzbrGR4T3gD4pBtpRoD99El81arZk:+Z3s22Xv1m84A4rt3opaOsdk
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Mensajes en cuarentena.zip"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow