Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 20:30
Static task: static1

Behavioral task: behavioral1
Sample: 5e8d244025097fdfe8097df44e93906c.zip
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 5e8d244025097fdfe8097df44e93906c.zip
Resource: win10v2004-20241007-en

Behavioral task: behavioral3
Sample: 730dbefa34e9720347c9157bbe8ff40dfab1b9d352518c726949a8e0ddb17504.exe
Resource: win7-20240903-en

Behavioral task: behavioral4
Sample: 730dbefa34e9720347c9157bbe8ff40dfab1b9d352518c726949a8e0ddb17504.exe
Resource: win10v2004-20241007-en
General
Target: 5e8d244025097fdfe8097df44e93906c.zip
Size: 221KB
MD5: 5e8d244025097fdfe8097df44e93906c
SHA1: 28967aee42b1418f91a255e7cb573f553b79a8b2
SHA256: 697d480badbe629a413db18e2dbb8586075cbcb285d54b84c346c3f514cbcfd6
SHA512: 85d80934f8598cf556e5bdbe7f9a32cd3f4904621b6a6738e0ed9421dc0d3161302c81d6bcab6d972db04cb6002ebc372a3fcd0addfdc6e000ff579b34cac66e
SSDEEP: 3072:q7mbcXwkFeMI1STJlrkEJAr2tRSkjPcJqnPCUTfSWvoxyhjHQNXF9vhFv1xQ8Jwv:eNwo17kUnqEPCEaWpyNXF9JFv1xWv
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2848  7zFM.exe

Suspicious use of AdjustPrivilegeToken (2 IoCs)
description                pid   Process
Token: SeRestorePrivilege  2848  7zFM.exe
Token: 35                  2848  7zFM.exe

Suspicious use of FindShellTrayWindow (1 IoCs)
pid   Process
2848  7zFM.exe