639a17eed5125ced4bd08a468204732fa2d37d42d3a47465d22f3afe45b7c7a1

Resubmissions

21-11-2024 02:56

241121-dfcjdaxfnb 8

21-11-2024 02:55

21-11-2024 02:39

21-11-2024 02:38

21-11-2024 02:35

21-11-2024 02:23

21-11-2024 02:17

Analysis

max time kernel
5s
max time network
17s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
21-11-2024 02:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

639a17eed5125ced4bd08a468204732fa2d37d42d3a47465d22f3afe45b7c7a1.zip
Size

3.9MB
MD5

d436a7f9e06e611bff0cb685039aa1ff
SHA1

2396f1730ad30aa07475d8a2df1a688836513c58
SHA256

639a17eed5125ced4bd08a468204732fa2d37d42d3a47465d22f3afe45b7c7a1
SHA512

84afb7d1a0ae1997ad7b359aac7c4cbb2fb191b59734e66e27f13985beedd9afd083931380b38d854ed7f4d607f6a42dd5f9a0db8fa4936749d71bd06ba108c9
SSDEEP

98304:hZanHcQyaMI3AsE+RL6jefCkW376vBpkJ:n48jdE+HjOCkk+vA

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	2216	7zFM.exe
Token: 35	2216	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2216	7zFM.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4656	MiniSearchHost.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\639a17eed5125ced4bd08a468204732fa2d37d42d3a47465d22f3afe45b7c7a1.zip"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2216

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4656

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads