1fef3ffb433d16b566453a794280a2487581fe3d7d17adffeb2bbc75abacea46 | Triage

Analysis

max time kernel
240s
max time network
253s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
16-11-2024 18:22

Sharing

Report Analysis Logs

General

Target

RATS PACK.rar
Size

129.6MB
MD5

c48b7d922d28f8db63f8b0311324ad39
SHA1

61d4526c819904995ba867ae257f149c36ad63f6
SHA256

1fef3ffb433d16b566453a794280a2487581fe3d7d17adffeb2bbc75abacea46
SHA512

fe59766600a4399387ec58eb3d1ac44dc6b091b96d663d7d4e203a3d30431160a8c4e3df1b53606d06d4dcac04b2691bd585cf2f92588a0cd23b9d8b9656229d
SSDEEP

3145728:0yPCzjR/Igf2bh5eBSbcZH1R206JRUc0u:07hPogSgl1x6JRr0u

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	2172	7zFM.exe
Token: 35	2172	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2172	7zFM.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\RATS PACK.rar"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads