Resubmissions

28-10-2024 00:19

241028-al8bfswbrc 3

27-10-2024 06:22

241027-g46znsslhr 1

26-10-2024 10:54

241026-mzm9natclb 3

25-10-2024 21:14

241025-z3q6yavdmb 10

Analysis

  • max time kernel
    35s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27-10-2024 06:22

General

  • Target

    RNSM00436.7z

  • Size

    70.2MB

  • MD5

    5203ef0108208cd0f82278c15b5ef62d

  • SHA1

    caf7e1b519073e78d82ab479cef4eda3dfb2081e

  • SHA256

    54efded0c82f76a168ee6aa0fbf96f54693eb1d1c1b12c6a733ceb24d40c497e

  • SHA512

    83f416c07c49f587d7a57dbefe3a65a7169e022085c6938c93a8ab0c53b00cb54c22a404156aa8d93b7173a79039f6d59a9cf6adc16cec65d4d1a92827d805fa

  • SSDEEP

    1572864:LYLhPSFGAnRCNq06snfEMDuuqTXzUiaYlOiqn3TdvGcICnYP:sLlSFbnUfxKuqbQiaYlT+3pvf5y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\RNSM00436.7z"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads