Resubmissions
28-10-2024 00:19  241028-al8bfswbrc  3
27-10-2024 06:22  241027-g46znsslhr  1
26-10-2024 10:54  241026-mzm9natclb  3
25-10-2024 21:14  241025-z3q6yavdmb  10
Analysis
max time kernel: 35s
max time network: 16s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 27-10-2024 06:22
Static task
static1
Behavioral task
behavioral1
Sample: RNSM00436.7z
Resource: win7-20240903-en (windows7-x64)
3 signatures
150 seconds
Behavioral task
behavioral2
Sample: RNSM00436.7z
Resource: win10v2004-20241007-en (windows10-2004-x64)
2 signatures
150 seconds
General
Target: RNSM00436.7z
Size: 70.2MB
MD5: 5203ef0108208cd0f82278c15b5ef62d
SHA1: caf7e1b519073e78d82ab479cef4eda3dfb2081e
SHA256: 54efded0c82f76a168ee6aa0fbf96f54693eb1d1c1b12c6a733ceb24d40c497e
SHA512: 83f416c07c49f587d7a57dbefe3a65a7169e022085c6938c93a8ab0c53b00cb54c22a404156aa8d93b7173a79039f6d59a9cf6adc16cec65d4d1a92827d805fa
SSDEEP: 1572864:LYLhPSFGAnRCNq06snfEMDuuqTXzUiaYlOiqn3TdvGcICnYP:sLlSFbnUfxKuqbQiaYlT+3pvf5y
Score: 1/10
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2192  7zFM.exe
Suspicious use of AdjustPrivilegeToken (2 IoCs)
  description                pid   Process
  Token: SeRestorePrivilege  2192  7zFM.exe
  Token: 35                  2192  7zFM.exe
Suspicious use of FindShellTrayWindow (1 IoCs)
  pid   Process
  2192  7zFM.exe