Analysis
-
max time kernel
1310s -
max time network
1134s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
18-12-2024 12:48
Static task
static1
Behavioral task
behavioral1
Sample
Unlock_App_v1.4.rar
Resource
win7-20240903-en
windows7-x64
11 signatures
1800 seconds
Behavioral task
behavioral2
Sample
Unlock_App_v1.4.rar
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
1800 seconds
General
-
Target
Unlock_App_v1.4.rar
-
Size
48.5MB
-
MD5
1188b089c5d39b9f9b1acbf22f8cd9f2
-
SHA1
048ec6ba611e1369a0919e5ac96ae6234b8c4796
-
SHA256
759d9653d595c7f8de4c55d22ce266c809aaa4c06e35a3590ccd9aaa97177cdd
-
SHA512
f8ac0ed5953fdf09856ef6d1e9bf852d2c0f395cb89a09d3d5472c6efc54e4315e8ef5d3d958a14879d451b42f9104eb590ab9f44dc7a063a08abc1d4fc6a6d9
-
SSDEEP
1572864:4eHpjJ0gJDfbz+jlxanXJTOkCNRa34d4A:4eD0gtWranXpgnfdj
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
description                 pid   Process
Token: SeRestorePrivilege   2928  7zFM.exe
Token: 35                   2928  7zFM.exe
-
Suspicious use of FindShellTrayWindow 1 IoCs
pid   Process
2928  7zFM.exe