Analysis

  • max time kernel
    17s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    03-12-2024 04:20

General

  • Target

    All In One Pack.rar

  • Size

    6.6MB

  • MD5

    7a32a19e6bd45a0e77b3d3ae506e3c83

  • SHA1

    6980b72e6cd8655a6d583f0e6ed317f2c9ade8f1

  • SHA256

    7d4679915ac9c62845ee8922dcff924475930ed219ece8d49b4eed5be446b085

  • SHA512

    8b940ed21fffe3ea11c7f3e8191a2b0ff6016fb0880ba133766e171b67070cd0a77d46e671345acc7711b6eca78409f28af5c5345c55672d607c8c3e40e2151a

  • SSDEEP

    98304:55rFg7m3I6cAB479xSr/V2pDWkzuB03XQ8WAL8y9nFnx9FleQNUt+O1q13Bvdsy:5dFbYbRSh2okzuBoXQ8WQ7nleea72ldV

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\All In One Pack.rar"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2280

Network

MITRE ATT&CK Matrix
