Resubmissions
27-10-2024 17:44
241027-wbmsna1dlj 1
Analysis
max time kernel: 44s
max time network: 58s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted: 27-10-2024 17:44
Static task
static1
Behavioral task
behavioral1
Sample
RNSM00428.7z
Resource
win10v2004-20241007-en
windows10-2004-x64
3 signatures
60 seconds
General
Target: RNSM00428.7z
Size: 100.2MB
MD5: 6c2b29d11f244eeeb6236ae5e8d5bf8e
SHA1: 0bbd142818b414240627c312be06018fd01ddd90
SHA256: 7580b9b56219ca324572123befd4663f265782508ef8b2159b86e56f747f987e
SHA512: 9bbb791eb8b3a0c1b89fbf9487bbe20992c7882124f6eba6c496eef624db28e677208bb2e4de34751fee8c617dbbfb3bc2de711f0a36793f3ecfde5ac672c3cb
SSDEEP: 3145728:LX1PIf6FbDsWpgzVsD2tcTHNyqqO0gMvHsbG4:b9If6xQZsD2erIqd0gMvE
Score
1/10
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
4568  7zFM.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs
description                  pid   Process
Token: SeRestorePrivilege    4568  7zFM.exe
Token: 35                    4568  7zFM.exe
Token: SeSecurityPrivilege   4568  7zFM.exe
Token: SeSecurityPrivilege   4568  7zFM.exe

Suspicious use of FindShellTrayWindow 3 IoCs
pid   Process
4568  7zFM.exe
4568  7zFM.exe
4568  7zFM.exe