Analysis
max time kernel: 1151s
max time network: 1158s
platform: windows10-2004_x64
resource: win10v2004-20241007-es
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-es, locale:es-es, os:windows10-2004-x64, system, windows
submitted: 10-12-2024 16:09
Static task
static1
Behavioral task
behavioral1
Sample
CamScanner#0612202415110000000000000000.rar
Resource
win7-20241010-es
windows7-x64
12 signatures
1800 seconds
Behavioral task
behavioral2
Sample
CamScanner#0612202415110000000000000000.rar
Resource
win10v2004-20241007-es
windows10-2004-x64
2 signatures
1800 seconds
Behavioral task
behavioral3
Sample
CamScanner#0612202415110000000000000000.vbs
Resource
win7-20241010-es
windows7-x64
6 signatures
1800 seconds
General
Target: CamScanner#0612202415110000000000000000.rar
Size: 3KB
MD5: dd659fb5279839abe2bab48610175c54
SHA1: 79294ffe6bf042f4f0254626b3c8b70dbf260ffb
SHA256: 928c6c39a20bc722a42bfe3292ad99447b3e8b78714fd52d08a160029afc70ec
SHA512: d7ce003fd54b08469094206a7c97e4c07985d2a7073e708fcd5d098303b1aeb68deac4f77e894d230699dda7ab94736ef839fa8eec2b68ad1d69ef047fbb7f57
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
description | pid | Process
Token: SeRestorePrivilege | 2980 | 7zFM.exe
Token: 35 | 2980 | 7zFM.exe
Suspicious use of FindShellTrayWindow (1 IoCs)
pid | Process
2980 | 7zFM.exe