Resubmissions

15-12-2024 09:11

241215-k53v7a1per 10

15-12-2024 09:04

241215-k1sjna1nek 10

Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-12-2024 09:11

General

  • Target

    Sorillus V6.2 updated.zip

  • Size

    224.0MB

  • MD5

    93c78d45339f83c36c9da8e79d3f1665

  • SHA1

    507de0bdffff3a316e0156fa14e514bf788da446

  • SHA256

    862d9420d4773e4bf8f106e01398a351ff6837a2d02457b48120cd0bb631f162

  • SHA512

    277fca01af54a970f043c1aeb7b10fd0c79aed776b14ac9a706b683372d9adf158cc45cdf1a5d3dfa8faaf5357dcf239e197db2564af460734414d39dbd2318f

  • SSDEEP

    786432:KB7pso5UjVIrcv6c1BsaWWrXzdYCrYVcbGR53UMrwBSlomS5nr5v6sIcI47Tj+2M:KdAacvHBsaT3dp2x3UdiTx/Irg0cwfO/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Sorillus V6.2 updated.zip"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2364

Network

MITRE ATT&CK Matrix
