Overview

overview

10

Static

static

3

σUŞe_~~1...σ.zip

windows7-x64

1

σUŞe_~~1...σ.zip

windows10-2004-x64

1

σUŞe_~~1...σ.zip

windows7-x64

1

σUŞe_~~1...σ.zip

windows10-2004-x64

1

Register.dll

windows7-x64

3

Register.dll

windows10-2004-x64

3

Resource/C...tity-H

windows7-x64

1

Resource/C...tity-H

windows10-2004-x64

1

Resource/C...tity-V

windows7-x64

1

Resource/C...tity-V

windows10-2004-x64

1

Resource/C...BK-EUC

windows7-x64

1

Resource/C...BK-EUC

windows10-2004-x64

1

Resource/C...TF16-H

windows7-x64

1

Resource/C...TF16-H

windows10-2004-x64

1

Resource/C...TF16-V

windows7-x64

1

Resource/C...TF16-V

windows10-2004-x64

1

Resource/F...td.otf

windows7-x64

4

Resource/F...td.otf

windows10-2004-x64

7

Resource/F...ld.otf

windows7-x64

4

Resource/F...ld.otf

windows10-2004-x64

7

Resource/F...ue.otf

windows7-x64

4

Resource/F...ue.otf

windows10-2004-x64

7

Resource/F...ue.otf

windows7-x64

4

Resource/F...ue.otf

windows10-2004-x64

7

Resource/F...td.otf

windows7-x64

4

Resource/F...td.otf

windows10-2004-x64

7

Resource/F...ld.otf

windows7-x64

4

Resource/F...ld.otf

windows10-2004-x64

7

Set-up.exe

windows7-x64

3

Set-up.exe

windows10-2004-x64

10

ccme_ecc.dll

windows7-x64

1

ccme_ecc.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-11-2024 16:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    σUŞe_~~19111547~~__Asπσ_Pswd_σ.zip

  • Size

    15.2MB

  • MD5

    362f49e97ced3a22a2feafc50cfa901b

  • SHA1

    ca6be4087d6c619f561eaf2332b304bc3d6a9520

  • SHA256

    9cc639b89556218cf878a591e4119f7d54de66381c5425df49b756862e17e6bb

  • SHA512

    868f62860e7a04589ef9bb34be73a6376d6fd63f01aa02b5c0db92daee0546dce9df6b48eb80fae452f2d06834c531bc6312cf46ce57f79b95b4fd2f549853f0

  • SSDEEP

    393216:C7WYlpUbi4e/avO/0Qx8uWs1OZzdEf8WjRrixQhP097hi:MdV/aE0uWlzdCN1P0phi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 10 IoCs
  • Suspicious use of FindShellTrayWindow 6 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\σUŞe_~~19111547~~__Asπσ_Pswd_σ.zip"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2992
    • C:\Users\Admin\AppData\Local\Temp\7zO0BB28AC8\Set-up.exe
      "C:\Users\Admin\AppData\Local\Temp\7zO0BB28AC8\Set-up.exe"
      2⤵
        PID:1744
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2736
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x4f8
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2676

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\7zO0BB28AC8\Set-up.exe
        Filesize

        135KB

        MD5

        a2d70fbab5181a509369d96b682fc641

        SHA1

        22afcdc180400c4d2b9e5a6db2b8a26bff54dd38

        SHA256

        8aed681ad8d660257c10d2f0e85ae673184055a341901643f27afc38e5ef8473

        SHA512

        219c6e7e88004fad9f4392be9a852c58fc43b7f6900e40370991427f37eaea5c18f48d2954f9479dde8bcb787345f4e292d5620add8224aec4d93d7968820b83

        Download Submit