Overview

overview

10

Static

static

10

VANTA TEMP.rar

windows10-2004-x64

8

VANTA TEMP.rar

windows10-ltsc 2021-x64

10

VANTA TEMP.rar

windows11-21h2-x64

1

vanta perm/vanta.exe

windows10-2004-x64

8

vanta perm/vanta.exe

windows10-ltsc 2021-x64

10

vanta perm/vanta.exe

windows11-21h2-x64

8

��O���.pyc

windows10-2004-x64

��O���.pyc

windows10-ltsc 2021-x64

��O���.pyc

windows11-21h2-x64

Analysis

  • max time kernel
    675s
  • max time network
    1149s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    02-12-2024 02:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VANTA TEMP.rar

  • Size

    8.3MB

  • MD5

    03e69d91f86543e623990c2de8bb5629

  • SHA1

    3a2c1d731f574216fb6cc0a403a41f150d72445f

  • SHA256

    2cbaea8e3a01a54e663d098aa41605bb5a67178f341e8f56656259d274d13a35

  • SHA512

    ac64125c715b84a54adc5530f988afee0464392779f08d7eea1af6f3715f2f55fd226b63f5700cca4ad06e8b52fbbfa76ff1a5cab37788a46716618a72dbbbeb

  • SSDEEP

    196608:pPkXMhRdMqBh000xC8LJItCGDi86fAJ7Ay3iMDJeV3zKs/5Ks1V6uj5:p+MNnBuBbLawGDi8IY7ANMI865euj5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\VANTA TEMP.rar"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads