Overview

overview

10

Static

static

10

test.zip

windows7-x64

7

test.zip

windows10-2004-x64

1

test.exe

windows7-x64

7

test.exe

windows10-2004-x64

7

Resubmissions

12-12-2024 18:25

241212-w2m64ssngw 10

10-12-2024 17:57

241210-wjmsmaxjhj 10

Analysis

  • max time kernel
    93s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-12-2024 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    test.zip

  • Size

    30.1MB

  • MD5

    b92085c896b23aa3614ba281a36c21ca

  • SHA1

    e8c86707789cd46f491a3a3c2ee1ffab047a9d27

  • SHA256

    1018ad28adc4c368308ed52fbb9d82337b581d7191aa0c11f428ef00c977100c

  • SHA512

    9503ee0b2960c1bc92ed922daabd16fd67347139e052fc6bf746b04e8a9d3b9bdb39dc5f1d94a7d61b4c43f0b4f0d59c363e7852984dff63b479eee136799b6d

  • SSDEEP

    786432:2CAHAeVeAeUfBNad2W1f8k70+1fHAAeQL6tCTYJ8a:2DHAq5eUDw2W1Uk0+1fTKCsB

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\test.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads