Analysis

  • max time kernel
    90s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/12/2024, 01:47

General

  • Target

    Eclipsе.zip

  • Size

    18.9MB

  • MD5

    e7c0d076502f074c70c78465bffccb72

  • SHA1

    2785ae9ea0662184bebf8132dccbfac4d277e845

  • SHA256

    48bb56a44a813810a6465aaef162f304a167b8ead478f625c29c19c0f071f130

  • SHA512

    9397a938410ab6ed759a073124eb8fc08751adcafbb58e810b66f56d5db91ba87360b883f69b7c8bdc46eb95de2a75ed7433a6f33603853efe7dfa12eeb7cb0b

  • SSDEEP

    393216:QK71T6i8lbHsbXdT95s0l4OsEQiS4RagjYUl7/wGyodpSQsznU+HWLsyDyF/B9C8:QRlQdR5Rlx84RaIVl7zDdwzn92LKB+kb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Eclipsе.zip"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2748

Network

MITRE ATT&CK Matrix
