Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 20:54
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: 9x19jv.rar
Resource: win7-20240708-en
3 signatures
300 seconds

Behavioral task: behavioral2
Sample: 9x19jv.rar
Resource: win10v2004-20241007-en
19 signatures
300 seconds
General
Target: 9x19jv.rar
Size: 2.2MB
MD5: 704006e18bfab669d5b49f387d170e8c
SHA1: 7fd249bba183732e37a4b8fce64cb998032e5e7d
SHA256: 355e7cf09659d9ec64ed4d3ff6b20653986076169d803ad6dbd1a529b15efa17
SHA512: d0eab549b63c0e35f8d5119892de7db67f9b85c4840cc724fb2b1a4e3db6f0cd5d375820d0b4430060553aa2cd69690f108a5d87f9cd07321d51f528e440147a
SSDEEP: 49152:3zC/e4TU/Eb5v1RRAgDw3AoxdunNc+EUSe1svtNZDTg+Y2SOC700uK/NK7K4O:OG4TfvrUQoKNXHP67ZPgH2RT0uK/7
Score: 1/10
Malware Config
Signatures

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1620, Process 7zFM.exe

Suspicious use of AdjustPrivilegeToken (2 IoCs)
  Token: SeRestorePrivilege, pid 1620, Process 7zFM.exe
  Token: 35, pid 1620, Process 7zFM.exe

Suspicious use of FindShellTrayWindow (1 IoCs)
  pid 1620, Process 7zFM.exe