Overview

overview

10

Static

static

3

220913-j71...ed.zip

windows11-21h2-x64

1

7943496156.zip

windows11-21h2-x64

1

7508939c07...13.exe

windows11-21h2-x64

10

7d14b98cdc...b0.exe

windows11-21h2-x64

10

Resubmissions

04/12/2024, 11:29

241204-nlnhyayram 10

04/12/2024, 11:07

241204-m8g41atlg1 10

Analysis

  • max time kernel
    442s
  • max time network
    444s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    04/12/2024, 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    220913-j719psahcl_pw_infected.zip

  • Size

    720KB

  • MD5

    84c7288625c23b6c2a0c2d1d7633c6e2

  • SHA1

    d69b7004a3e442c83ee73d02b449c13ecfc56651

  • SHA256

    2f3a05d6d6f8112288da101615f749ffd479cd535e1cc665c7851154e79bcab9

  • SHA512

    288e68ae151706cf7a0f1ce049eecf4c5659d8778e4bf225ab05578e5fb42d30311396d6a94dc74193a3ce1d9da7c4238fe1d34b3eb552590310f96c63c38ff7

  • SSDEEP

    12288:zaUjK0UwWIl61+m1n/uDJV1jiGogi6+vqhnZSk7Hvr+1fiOUuWd3:zBjHQj1d1nWDJDTog4ShZ7SRQua3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\220913-j719psahcl_pw_infected.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads