Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
21/11/2024, 10:33
General
-
Target
msq.tar
-
Size
11.5MB
-
MD5
9573e2ebda676ca274ef34e74f1ae9cb
-
SHA1
6c1ff92f8badc7a0bef87ea304d3cff54ffd03ea
-
SHA256
f529fccbca5cbe72b562bca6e48a17917fff867cc2e7abf2629ece002c6f1118
-
SHA512
9c7667fed2c786bba1e0ef1e233770d9f84cc6df9056a4801d49ea3303d88907a2df3541b8f05000a4c217c3413f3bd9e3ad8b6b6aa69514cf177dbae91aa0e2
-
SSDEEP
98304:TZsc9iv1N7DB+T2/oOR/GUa5l7SoQE+MEAQ4MCe6NKMXy08c2fcRFAnQczQXR9OE:0a3RBP506NRXV8c2fcRFAn2h9O3uLB
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\msq.tar"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow