Resubmissions
13-11-2024 23:34
241113-3kmbta1eqc 1013-11-2024 22:28
241113-2dpb6azme1 1011-11-2024 05:34
241111-f9w6zstjbz 1011-11-2024 03:05
241111-dlmlja1jbx 1011-11-2024 03:00
241111-dhk9aszrdz 1008-11-2024 08:59
241108-kx2cdssjdk 1008-11-2024 08:55
241108-kvvf3aymdw 10Analysis
-
max time kernel
0s -
max time network
6s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
13-11-2024 22:28
Static task
static1
Behavioral task
behavioral1
Sample
241105-dtxrgatbpg_pw_infected.zip
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
241105-dtxrgatbpg_pw_infected.zip
Resource
win10v2004-20241007-en
General
-
Target
241105-dtxrgatbpg_pw_infected.zip
-
Size
132.7MB
-
MD5
136b5aad00be845ec166ae8f6343b335
-
SHA1
e51860dfb734c9715b6c9b74d9c582abe03ca90c
-
SHA256
38bc13ef112b2f17d4d1a80243fac6a521b5d58228984aae0752d79487fa3b66
-
SHA512
ed56b1afa85e304d6973d69e289631f15955d1619c6943a376d7d319018057d1a6fa0aa340ea6d43037ee17014f13e74e5ebddaf3aec62bf8e2da6b20b14ce42
-
SSDEEP
3145728:m2t5SZQXkJuAwd3u5d5VO4Z9WSXL5qgP47khuJWCvcICllCCrE/z:m6ClwdeyqWSXVqeU5J7CvCCrgz
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes:
7zFM.exedescription pid process Token: SeRestorePrivilege 2516 7zFM.exe Token: 35 2516 7zFM.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
Processes:
7zFM.exepid process 2516 7zFM.exe