Overview

overview

10

Static

static

10

BITCOIN GE...TE.zip

windows11-21h2-x64

1

BITCOIN GE...df.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    663s
  • max time network
    459s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-en
  • resource tags

    arch:x64arch:x86image:win11-20241023-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30-12-2024 03:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BITCOIN GEN PRIVATE.zip

  • Size

    1.2MB

  • MD5

    2e0fc78070cbd8de4396acfe491986ac

  • SHA1

    f6bf2b612f83f90483d12792696f9529840ad3ac

  • SHA256

    ce179bf67e184c300fbc5b796ef511c14470a9d3c970298bc8e52beaf7fb1195

  • SHA512

    dfcb0391f27912eb0bef5ba9dcfcfaff38f9a6886ffbd23e2ca70ec66a203050fbbe22544894936653cf99bc2c86948692b0e43e87377a5088c59a079167b814

  • SSDEEP

    24576:2pXWKEEizZPwD9NzHNTjInXCzJ9tgNODSY/X/ifKsxA42DUSL6/:2lW12zFISWisxA42Yw6/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\BITCOIN GEN PRIVATE.zip"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads