Resubmissions

20/11/2024, 13:14

241120-qg1ntaxanf 1

20/11/2024, 13:14

241120-qgpxba1rbp 3

Analysis

  • max time kernel
    1562s
  • max time network
    1563s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    20/11/2024, 13:14

General

  • Target

    discord-image-logger-main.zip

  • Size

    10KB

  • MD5

    32e9e3d18841d7b3432d6fc0e9379d25

  • SHA1

    c3fc7f8fabb1578c03b632f69ceb479f1b0ef4a8

  • SHA256

    cdaa30be778a5f7b035cc6e3ca2d7bc41116e9c66db35ed0b730f8c9e7c49e12

  • SHA512

    62aa55a9e8cc697a61b63ebdbb2315e32d2ed4dd481d5a807c300a77e804f1a282a5965e663140a0bfc96c65e806afca4297bc86e348f4df7370b72d9668fd1a

  • SSDEEP

    192:QxqYm8TM2shemjv4fr+BXypE1mF5AikhN7sumbDgvlbfnlY9U9:Fz2qNQfr+BXxGanbjz9bfn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\discord-image-logger-main.zip"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1404

Network

MITRE ATT&CK Matrix
