Analysis

  • max time kernel
    63s
  • max time network
    65s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17-12-2024 21:28

General

  • Target

    Unlock_App_v1.4.rar

  • Size

    48.5MB

  • MD5

    1188b089c5d39b9f9b1acbf22f8cd9f2

  • SHA1

    048ec6ba611e1369a0919e5ac96ae6234b8c4796

  • SHA256

    759d9653d595c7f8de4c55d22ce266c809aaa4c06e35a3590ccd9aaa97177cdd

  • SHA512

    f8ac0ed5953fdf09856ef6d1e9bf852d2c0f395cb89a09d3d5472c6efc54e4315e8ef5d3d958a14879d451b42f9104eb590ab9f44dc7a063a08abc1d4fc6a6d9

  • SSDEEP

    1572864:4eHpjJ0gJDfbz+jlxanXJTOkCNRa34d4A:4eD0gtWranXpgnfdj

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Unlock_App_v1.4.rar"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1468

Network

MITRE ATT&CK Matrix
