Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    28-10-2024 19:43

General

  • Target

    Rose_1_1_4_2.zip

  • Size

    16.1MB

  • MD5

    6b27604d6f445bce6ad546885c0c0949

  • SHA1

    75967d80043852f69bfc858675298b8fa1da12a9

  • SHA256

    3af2d8280ca274b2d5d06e2494a7e99ba1b26c439e426335bf98c1eb640e38fc

  • SHA512

    e71d31fdefb7b77787f12ea6a5a712240b3d1146c2e7d9212877a83f8a69cb7509b8bc5928674cfb45f125c721f61f6cc9d30ff588e66bbbf77abcf02cc1d97d

  • SSDEEP

    393216:iON95GDgNyOMiyGFty4riUG4/Hv73BwVa6w:iakM4GrjvbBwVa6w

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Rose_1_1_4_2.zip"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3468

Network

MITRE ATT&CK Matrix
