Analysis

  • max time kernel
    0s
  • max time network
    41s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-uk
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-uk, locale:uk-ua, os:windows10-2004-x64, system, windows
  • submitted
    21/11/2024, 10:59

General

  • Target

    possibly malware/7z.exe

  • Size

    912KB

  • MD5

    8908886ae257281846271d5de50a92b0

  • SHA1

    307d52fc2abdd3005481f330bbf2b403a09faa08

  • SHA256

    3adc723889588100f757e433e402df9ba1918c7b5fc98628d51d8140935121c8

  • SHA512

    8eb3c2fbfea16ba4c40cf597dc43dc031590d4c24d838521a198aea31a04c4b79fb38b90a6c9ce423fd2420e7d6670c5364359743089e769769043bc340c874e

  • SSDEEP

    24576:A3qZ8KdvJ8JHdONQdOAjgq6Vc3gEp6175wPPg/XRtY:AqZ8KdvQdWqacgs6VG3UE

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\possibly malware\7z.exe
    "C:\Users\Admin\AppData\Local\Temp\possibly malware\7z.exe"
    • System Location Discovery: System Language Discovery
    PID:2780

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsxB325.tmp\InstallOptions.dll

    Filesize

    12KB

    MD5

    99bc22826a0568dce241be3a4ffd0c0d

    SHA1

    62e4662250abdf10d23a61076fd7cbd00a5c5b6f

    SHA256

    120e4fac0538b7e7b75934706668063a4e7785d0405dca43fde36d55f6d968de

    SHA512

    35b016b6e2dc850e5432becd57f35faf73b180c0a6f822a406cf9d5439a87126c41c49aac025cdeecd38bbd01705ddbd8c217cb33134e978ecc9624053b52be9

  • C:\Users\Admin\AppData\Local\Temp\nsxB325.tmp\ioSpecial.ini

    Filesize

    486B

    MD5

    8cffb24e583acb6f4f0024e533715ec8

    SHA1

    22421bff860d9e36910e5a88eaa8b03d40d2bb48

    SHA256

    938df54b94800b5d3426d9974b86b7de3cf204670a2dd840d81e463332acc5c5

    SHA512

    527fe3db62e7fbf9b56d42178f459bd5a75f33c0f3495232776436f3a137e47203cc460204a19b5fc923f6ea1e6888fa43e2f296651271bef7cc385fe5094e61