Overview

overview

10

Static

static

1

3NOTIFICAC...01.rar

windows7-x64

1

3NOTIFICAC...01.rar

windows10-2004-x64

1

NOTIFICACI...AB.tar

windows7-x64

1

NOTIFICACI...AB.tar

windows10-2004-x64

1

NOTIFICACI...ca.exe

windows7-x64

10

NOTIFICACI...ca.exe

windows10-2004-x64

10

NOTIFICACI...43.dll

windows7-x64

3

NOTIFICACI...43.dll

windows10-2004-x64

3

Resubmissions

19-11-2024 14:53

241119-r9l7kaxcra 10

18-11-2024 10:27

241118-mg45fsvdnr 10

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-11-2024 14:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3NOTIFICACIÓN ELECTRÓNICA CENDO RAMA JUDICIAL DEL PODER PÚBLICO ESM CONFIRMAR RECIBIDO.tar.CAB.tar.001.rar

  • Size

    2.1MB

  • MD5

    d7331e0f2805c0e823ac1752f57c3dff

  • SHA1

    906b584f4eacc8e22f7d5fbc3c5d9ef50b0ab850

  • SHA256

    e0109770f45824e51fe40466c79cd5928d9c5573df92473cfdf4ec3394cc1b27

  • SHA512

    256bf4427ad029dac6e0d086cfa8b972ade0e7cc94bd0598dbde368a41678b602a452d1d773e5478e3e6d40383373bcde6b81f3949944b752e1ad55132852ae7

  • SSDEEP

    49152:UUOAGEzYeD6lXJ5knvOuKMai3PhHneoU7h06O9h:TOSzTDAZyvOuKrOwq6wh

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\3NOTIFICACIÓN ELECTRÓNICA CENDO RAMA JUDICIAL DEL PODER PÚBLICO ESM CONFIRMAR RECIBIDO.tar.CAB.tar.001.rar"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads